:: commit c76881a375f21bfb37f04e0de96873611c508045
build: Replace stb_image with a hardened replacement
diff --git a/.gitignore b/.gitignore
index f8c7df7c..34ca336f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -27,7 +27,7 @@
/picoefi
/freestnd-c-hdrs
/flanterm
-/common/lib/stb_image.h.nopatch
+/stbi-hardened
/common/lib/stb_image.h
/common/cc-runtime.s2.c
/cc-runtime
diff --git a/3RDPARTY.md b/3RDPARTY.md
index cdcb17eb..974b9975 100644
--- a/3RDPARTY.md
+++ b/3RDPARTY.md
@@ -52,7 +52,7 @@ below) provides headers and build-time support for UEFI.
- [Flanterm](https://github.com/Mintsuki/Flanterm) (BSD-2-Clause) is used for
text related screen drawing.
-- [stb_image](https://github.com/nothings/stb/blob/master/stb_image.h) (MIT) is
+- [stb_image (hardened)](https://github.com/Mintsuki/stbi-hardened) (MIT) is
used for wallpaper image loading.
- [libfdt](https://github.com/osdev0/libfdt) (BSD-2-Clause) is used for
diff --git a/GNUmakefile.in b/GNUmakefile.in
index 2e19b9f3..b3c4e276 100644
--- a/GNUmakefile.in
+++ b/GNUmakefile.in
@@ -305,7 +305,7 @@ dist:
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/picoefi/.gitignore"
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/cc-runtime"
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/libfdt/.git"
- rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/common/lib/stb_image.h.nopatch"
+ rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/stbi-hardened"
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/.git"
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/.gitignore"
rm -rf '$(call SHESCAPE,$(BUILDDIR))'/"$(DIST_OUTPUT)/.github"
@@ -330,7 +330,7 @@ distclean: clean
.PHONY: maintainer-clean
maintainer-clean: distclean
- cd '$(call SHESCAPE,$(SRCDIR))' && rm -rf flanterm common/lib/stb_image.h.nopatch common/lib/stb_image.h libfdt freestnd-c-hdrs cc-runtime common/cc-runtime.s2.c limine-protocol picoefi configure timestamps build-aux *'~' autom4te.cache aclocal.m4 *.tar*
+ cd '$(call SHESCAPE,$(SRCDIR))' && rm -rf flanterm stbi-hardened common/lib/stb_image.h libfdt freestnd-c-hdrs cc-runtime common/cc-runtime.s2.c limine-protocol picoefi configure timestamps build-aux *'~' autom4te.cache aclocal.m4 *.tar*
.PHONY: common-uefi-x86-64
common-uefi-x86-64:
diff --git a/bootstrap b/bootstrap
index 993dabca..34ac160e 100755
--- a/bootstrap
+++ b/bootstrap
@@ -35,40 +35,6 @@ clone_repo_commit() {
fi
}
-download_by_hash() {
- DOWNLOAD_COMMAND="curl -Lo"
- if ! command -v "${DOWNLOAD_COMMAND%% *}" >/dev/null 2>&1; then
- DOWNLOAD_COMMAND="wget -O"
- if ! command -v "${DOWNLOAD_COMMAND%% *}" >/dev/null 2>&1; then
- set +x
- echo "error: Neither curl nor wget found" 1>&2
- exit 1
- fi
- fi
- SHA256_COMMAND="sha256sum"
- if ! command -v "${SHA256_COMMAND%% *}" >/dev/null 2>&1; then
- SHA256_COMMAND="sha256"
- if ! command -v "${SHA256_COMMAND%% *}" >/dev/null 2>&1; then
- set +x
- echo "error: Cannot find sha256(sum) command" 1>&2
- exit 1
- fi
- fi
- if ! test -f "$2" || ! $SHA256_COMMAND "$2" | grep $3 >/dev/null 2>&1; then
- rm -f "$2"
- mkdir -p "$2" && rm -rf "$2"
- $DOWNLOAD_COMMAND "$2" $1
- if ! $SHA256_COMMAND "$2" | grep $3 >/dev/null 2>&1; then
- set +x
- echo "error: Cannot download file '$2' by hash" 1>&2
- echo "incorrect hash:" 1>&2
- $SHA256_COMMAND "$2" 1>&2
- rm -f "$2"
- exit 1
- fi
- fi
-}
-
if ! test -f version; then
clone_repo_commit \
https://github.com/osdev0/freestnd-c-hdrs-0bsd.git \
@@ -103,11 +69,11 @@ if ! test -f version; then
flanterm \
f3221ad399f08437efd6de77a5f0d9a5607a8649
- download_by_hash \
- https://github.com/nothings/stb/raw/5c205738c191bcb0abc65c4febfa9bd25ff35234/stb_image.h \
- common/lib/stb_image.h.nopatch \
- 594c2fe35d49488b4382dbfaec8f98366defca819d916ac95becf3e75f4200b3
- cp common/lib/stb_image.h.nopatch common/lib/stb_image.h
+ clone_repo_commit \
+ https://github.com/Mintsuki/stbi-hardened.git \
+ stbi-hardened \
+ 41cfb903dbff2d38a529446d7ed2388f7753ea64
+ cp stbi-hardened/include/stb_image.h common/lib/stb_image.h
patch -p0 < common/stb_image.patch
rm -f common/lib/stb_image.h.orig
