dev-libs/protobuf: update to 21.9

.github/workflows/portage-stable-packages-list

@@ -163,6 +163,7 @@ dev-libs/libxslt
 dev-libs/nettle
 dev-libs/oniguruma
 dev-libs/popt
+dev-libs/protobuf
 dev-libs/userspace-rcu
 
 dev-perl/File-Slurp

changelog/security/2023-07-13-protobuf-21.9.md

@@ -0,0 +1 @@
+- protobuf ([CVE-2022-1941](https://nvd.nist.gov/vuln/detail/CVE-2022-1941))

changelog/updates/2023-07-13-protobuf-21.9.md

@@ -0,0 +1 @@
+- protobuf ([21.9](https://github.com/protocolbuffers/protobuf/releases/tag/v21.9))

sdk_container/src/third_party/portage-stable/dev-libs/protobuf/Manifest

@@ -1,7 +1 @@
-DIST protobuf-3.17.0.tar.gz 5185780 BLAKE2B a168619df72cdf097c7ddfd50aca96a2101bf73e7c1c842c020e6ee08a853db8674a86ca999b7706da3dd21d4d3d2159241c93232efc693701962f3a54a382e9 SHA512 36ed2de641849ce01531ff1207f62a0748f811519c40622a119a17a1e709864382de81481fb58f374a025948971c48416e7e6de9c00512a78633c7a8a3aa3a36
-DIST protobuf-3.17.1.tar.gz 5192666 BLAKE2B 7f912db7e0835aaa42628fcf564a5666e2cbfa021bb35638a5eec53c3c457f1e747225dea54f732b7239a1520febca9bc20c824b1938f100796caa3ac2133bc1 SHA512 5a18aa3c1dab040dc6d22310a8503241081106acf7ca89079d7b416533d7c2cdd47719dc9023e6bc26969f0f1c796550260a04034a403c69752f6a3a7a651bb8
-DIST protobuf-3.17.2.tar.gz 5192779 BLAKE2B 97f9561848e70b8d26ebcc7fc4fa8da51c4b8267efbe1d2d386c2785308e7ba7edc05f1b3863c274dc8838866d58b58509606d72c51a22b956d1d528584c4c95 SHA512 b3e7ad50ed772668df70a3a20ad1af13a5e82f23b109e4fecd34e6a74947bed300963c9f084907fbfafe28fc18365cde7df1975e2ff9538d2f5a3d2b458bca98
-DIST protobuf-3.17.3.tar.gz 5235236 BLAKE2B 2495e678c8f9436d4e5a30ccee8b6226125d418ac7ecf7df20b078a1a16c221cbccab7d846dcd56a90220c106617fa75c410a21b62612fedec378cd7e8571350 SHA512 b4030b4474cc5fb5a62501200725dd488e6e66e3ced4ed12ab4ee029fcfed305e92ec966adafbdd343afffd186908163849422b95eaa500e7e741ac325d01d12
-DIST protobuf-3.18.2.tar.gz 5272935 BLAKE2B f65caa4483d3ff4186f9ea388e2a9ef232ab758cfda846cfb5993df1f991e4574e63a33b175dd00c72f61c0a23ed12d3c62eb658cd397bf43b805c41fb34c47e SHA512 8ca613fdeefcbd93e866fab65effc38aa8508060aa3de0109dbead68f2e27eb22ad0a8aea10c8b4c3e9de181d62185c93b369fb5abf96de02a170f2e5c27e0cd
-DIST protobuf-3.19.1.tar.gz 5291573 BLAKE2B a34f1a7cf99ecb6cb8a26bc858de6273bfd26aa9be1e89e48c16cb5df0f1e9576479344c8250017238dbac0d0c4ac33001125b5fc622cb64ed6b91023198b03a SHA512 f1271f5159a7be363a5f60ce4921dfea68a8468d66808330bacaeaa1cb7f652d045ab080b5d82816a6fd4e6d7d7fe79aaa6c8d66d81692721d36ce3bbf619f31
-DIST protobuf-3.19.3.tar.gz 5293258 BLAKE2B c05b70ffca97f7166ea6a511a36907eed125edf1ebf17f908718221d9b851be84dfb2b1b39973f2faf35f6ade630e6ba4f9e8b91b8fbc922c5db97079323ee6e SHA512 1c003e7cbc8eae6a038f46e688b401ee202ba47f502561e909df79770f6e8b7daf3dc1ccc727e31bfb5b52cd04cb4fef7d2d2a28d650c13f396872ad4aa076c6
+DIST protobuf-21.9.tar.gz 5110670 BLAKE2B a4f5b7f58e1c5904ca990b100a72992f6f56177b28773f8de8c99e4158391d33cfb8aa8575915887fc9ae4294faf81d4ff6b470bc07b394bfd5885a09ba0fafe SHA512 6954b42d21921e630173b7848c056ab95635627d8eddec960f3db2ddda13eedde00520a9b350722e76e2998649eb8ebe10758e1db938b6a91e38ff3295b1b7c1

sdk_container/src/third_party/portage-stable/dev-libs/protobuf/files/protobuf-21.9-disable-32-bit-tests.patch

@@ -0,0 +1,118 @@
+https://bugs.gentoo.org/875584
+https://github.com/protocolbuffers/protobuf/pull/10589
+
+From 5f4a52d9bff7595ec47fb6727662a1cada3cd404 Mon Sep 17 00:00:00 2001
+From: Mike Kruskal <[email protected]>
+Date: Thu, 15 Sep 2022 10:23:23 -0700
+Subject: [PATCH 3/7] Patching static assert test failure
+
+--- a/src/google/protobuf/extension_set_unittest.cc
++++ b/src/google/protobuf/extension_set_unittest.cc
+@@ -855,8 +855,10 @@ TEST(ExtensionSetTest, SpaceUsedExcludingSelf) {
+     const size_t old_capacity =                                                \
+         message->GetRepeatedExtension(unittest::repeated_##type##_extension)   \
+             .Capacity();                                                       \
+-    EXPECT_GE(old_capacity,                                                    \
+-              (RepeatedFieldLowerClampLimit<cpptype, sizeof(void*)>()));       \
++    EXPECT_GE(                                                                 \
++        old_capacity,                                                          \
++        (RepeatedFieldLowerClampLimit<cpptype, std::max(sizeof(cpptype),       \
++                                                        sizeof(void*))>()));   \
+     for (int i = 0; i < 16; ++i) {                                             \
+       message->AddExtension(unittest::repeated_##type##_extension, value);     \
+     }                                                                          \
+
+From c94b66706bec17d918495f4715183a5eaf0f8044 Mon Sep 17 00:00:00 2001
+From: Mike Kruskal <[email protected]>
+Date: Thu, 15 Sep 2022 11:31:31 -0700
+Subject: [PATCH 4/7] Test fixes for 32-bit architectures
+
+--- a/src/google/protobuf/compiler/cpp/message_size_unittest.cc
++++ b/src/google/protobuf/compiler/cpp/message_size_unittest.cc
+@@ -139,9 +139,9 @@ TEST(GeneratedMessageTest, OneStringSize) {
+
+ TEST(GeneratedMessageTest, MoreStringSize) {
+   struct MockGenerated : public MockMessageBase {  // 16 bytes
+-    int has_bits[1];                               // 4 bytes
+     int cached_size;                               // 4 bytes
+     MockRepeatedPtrField data;                     // 24 bytes
++    // + 4 bytes padding
+   };
+   GOOGLE_CHECK_MESSAGE_SIZE(MockGenerated, 48);
+   EXPECT_EQ(sizeof(protobuf_unittest::MoreString), sizeof(MockGenerated));
+--- a/src/google/protobuf/io/zero_copy_stream_unittest.cc
++++ b/src/google/protobuf/io/zero_copy_stream_unittest.cc
+@@ -720,6 +720,9 @@ TEST_F(IoTest, StringIo) {
+
+ // Verifies that outputs up to kint32max can be created.
+ TEST_F(IoTest, LargeOutput) {
++  // Filter out this test on 32-bit architectures.
++  if(sizeof(void*) < 8) return;
++
+   std::string str;
+   StringOutputStream output(&str);
+   void* unused_data;
+--- a/src/google/protobuf/repeated_field_unittest.cc
++++ b/src/google/protobuf/repeated_field_unittest.cc
+@@ -429,14 +429,14 @@ TEST(RepeatedField, ReserveNothing) {
+
+ TEST(RepeatedField, ReserveLowerClamp) {
+   int clamped_value = internal::CalculateReserveSize<bool, sizeof(void*)>(0, 1);
+-  EXPECT_GE(clamped_value, 8 / sizeof(bool));
++  EXPECT_GE(clamped_value, sizeof(void*) / sizeof(bool));
+   EXPECT_EQ((internal::RepeatedFieldLowerClampLimit<bool, sizeof(void*)>()),
+             clamped_value);
+   // EXPECT_EQ(clamped_value, (internal::CalculateReserveSize<bool,
+   // sizeof(void*)>( clamped_value, 2)));
+
+   clamped_value = internal::CalculateReserveSize<int, sizeof(void*)>(0, 1);
+-  EXPECT_GE(clamped_value, 8 / sizeof(int));
++  EXPECT_GE(clamped_value, sizeof(void*) / sizeof(int));
+   EXPECT_EQ((internal::RepeatedFieldLowerClampLimit<int, sizeof(void*)>()),
+             clamped_value);
+   // EXPECT_EQ(clamped_value, (internal::CalculateReserveSize<int,
+--- a/src/google/protobuf/util/time_util_test.cc
++++ b/src/google/protobuf/util/time_util_test.cc
+@@ -48,15 +48,18 @@ using google::protobuf::Timestamp;
+ namespace {
+
+ TEST(TimeUtilTest, TimestampStringFormat) {
+-  Timestamp begin, end;
+-  EXPECT_TRUE(TimeUtil::FromString("0001-01-01T00:00:00Z", &begin));
+-  EXPECT_EQ(TimeUtil::kTimestampMinSeconds, begin.seconds());
+-  EXPECT_EQ(0, begin.nanos());
+-  EXPECT_TRUE(TimeUtil::FromString("9999-12-31T23:59:59.999999999Z", &end));
+-  EXPECT_EQ(TimeUtil::kTimestampMaxSeconds, end.seconds());
+-  EXPECT_EQ(999999999, end.nanos());
+-  EXPECT_EQ("0001-01-01T00:00:00Z", TimeUtil::ToString(begin));
+-  EXPECT_EQ("9999-12-31T23:59:59.999999999Z", TimeUtil::ToString(end));
++  // These these are out of bounds for 32-bit architectures.
++  if(sizeof(time_t) >= sizeof(uint64_t)) {
++    Timestamp begin, end;
++    EXPECT_TRUE(TimeUtil::FromString("0001-01-01T00:00:00Z", &begin));
++    EXPECT_EQ(TimeUtil::kTimestampMinSeconds, begin.seconds());
++    EXPECT_EQ(0, begin.nanos());
++    EXPECT_TRUE(TimeUtil::FromString("9999-12-31T23:59:59.999999999Z", &end));
++    EXPECT_EQ(TimeUtil::kTimestampMaxSeconds, end.seconds());
++    EXPECT_EQ(999999999, end.nanos());
++    EXPECT_EQ("0001-01-01T00:00:00Z", TimeUtil::ToString(begin));
++    EXPECT_EQ("9999-12-31T23:59:59.999999999Z", TimeUtil::ToString(end));
++  }
+
+   // Test negative timestamps.
+   Timestamp time = TimeUtil::NanosecondsToTimestamp(-1);
+@@ -94,9 +97,12 @@ TEST(TimeUtilTest, DurationStringFormat) {
+   EXPECT_TRUE(TimeUtil::FromString("0001-01-01T00:00:00Z", &begin));
+   EXPECT_TRUE(TimeUtil::FromString("9999-12-31T23:59:59.999999999Z", &end));
+
+-  EXPECT_EQ("315537897599.999999999s", TimeUtil::ToString(end - begin));
++  // These these are out of bounds for 32-bit architectures.
++  if(sizeof(time_t) >= sizeof(uint64_t)) {
++    EXPECT_EQ("315537897599.999999999s", TimeUtil::ToString(end - begin));
++    EXPECT_EQ("-315537897599.999999999s", TimeUtil::ToString(begin - end));
++  }
+   EXPECT_EQ(999999999, (end - begin).nanos());
+-  EXPECT_EQ("-315537897599.999999999s", TimeUtil::ToString(begin - end));
+   EXPECT_EQ(-999999999, (begin - end).nanos());
+
+   // Generated output should contain 3, 6, or 9 fractional digits.