From e30c1c748a8dcc96e7f4373dc64740131bacf37a Mon Sep 17 00:00:00 2001
From: Panu Matilainen <pmatilai@fedoraproject.org>
Date: Dec 05 2008 20:06:32 +0000
Subject: - add lemon (parser generator) subpackage

- add patch to lemon (ported from Debian) to look for lempar.c template in
    system location, and avoid insecure sprintf() use

---

diff --git a/sqlite-3.6.6.2-lemon-snprintf.patch b/sqlite-3.6.6.2-lemon-snprintf.patch
new file mode 100644
index 0000000..299f5e3
--- /dev/null
+++ b/sqlite-3.6.6.2-lemon-snprintf.patch
@@ -0,0 +1,111 @@
+diff -up sqlite-3.6.6.2/tool/lemon.c.lemparpath sqlite-3.6.6.2/tool/lemon.c
+--- sqlite-3.6.6.2/tool/lemon.c.lemparpath	2008-12-05 20:37:49.000000000 +0200
++++ sqlite-3.6.6.2/tool/lemon.c	2008-12-05 20:44:08.000000000 +0200
+@@ -1324,15 +1324,15 @@ void ErrorMsg(const char *filename, int 
+   va_start(ap, format);
+   /* Prepare a prefix to be prepended to every output line */
+   if( lineno>0 ){
+-    sprintf(prefix,"%.*s:%d: ",PREFIXLIMIT-10,filename,lineno);
++    snprintf(prefix,sizeof prefix,"%.*s:%d: ",PREFIXLIMIT-10,filename,lineno);
+   }else{
+-    sprintf(prefix,"%.*s: ",PREFIXLIMIT-10,filename);
++    snprintf(prefix,sizeof prefix,"%.*s: ",PREFIXLIMIT-10,filename);
+   }
+   prefixsize = lemonStrlen(prefix);
+   availablewidth = LINEWIDTH - prefixsize;
+ 
+   /* Generate the error message */
+-  vsprintf(errmsg,format,ap);
++  vsnprintf(errmsg,sizeof errmsg,format,ap);
+   va_end(ap);
+   errmsgsize = lemonStrlen(errmsg);
+   /* Remove trailing '\n's from the error message. */
+@@ -2911,7 +2911,7 @@ struct lemon *lemp;
+     while( cfp ){
+       char buf[20];
+       if( cfp->dot==cfp->rp->nrhs ){
+-        sprintf(buf,"(%d)",cfp->rp->index);
++        snprintf(buf,sizeof buf,"(%d)",cfp->rp->index);
+         fprintf(fp,"    %5s ",buf);
+       }else{
+         fprintf(fp,"          ");
+@@ -2966,6 +2966,7 @@ int modemask;
+ {
+   char *pathlist;
+   char *path,*cp;
++  size_t pathsz;
+   char c;
+ 
+ #ifdef __WIN32__
+@@ -2976,21 +2977,21 @@ int modemask;
+   if( cp ){
+     c = *cp;
+     *cp = 0;
+-    path = (char *)malloc( lemonStrlen(argv0) + lemonStrlen(name) + 2 );
+-    if( path ) sprintf(path,"%s/%s",argv0,name);
++    path = (char *)malloc((pathsz=lemonStrlen(argv0) + lemonStrlen(name) + 2));
++    if( path ) snprintf(path,pathsz,"%s/%s",argv0,name);
+     *cp = c;
+   }else{
+     extern char *getenv();
+     pathlist = getenv("PATH");
+     if( pathlist==0 ) pathlist = ".:/bin:/usr/bin";
+-    path = (char *)malloc( lemonStrlen(pathlist)+lemonStrlen(name)+2 );
++    path = (char *)malloc((pathsz=lemonStrlen(pathlist)+lemonStrlen(name)+2));
+     if( path!=0 ){
+       while( *pathlist ){
+         cp = strchr(pathlist,':');
+         if( cp==0 ) cp = &pathlist[lemonStrlen(pathlist)];
+         c = *cp;
+         *cp = 0;
+-        sprintf(path,"%s/%s",pathlist,name);
++        snprintf(path,pathsz,"%s/%s",pathlist,name);
+         *cp = c;
+         if( c==0 ) pathlist = "";
+         else pathlist = &cp[1];
+@@ -3070,14 +3071,16 @@ struct lemon *lemp;
+ 
+   cp = strrchr(lemp->filename,'.');
+   if( cp ){
+-    sprintf(buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename);
++    snprintf(buf,sizeof buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename);
+   }else{
+-    sprintf(buf,"%s.lt",lemp->filename);
++    snprintf(buf,sizeof buf,"%s.lt",lemp->filename);
+   }
+   if( access(buf,004)==0 ){
+     tpltname = buf;
+   }else if( access(templatename,004)==0 ){
+     tpltname = templatename;
++  }else if( access("/usr/share/lemon/lempar.c",004)==0 ){
++    tpltname = "/usr/share/lemon/lempar.c";
+   }else{
+     tpltname = pathsearch(lemp->argv0,templatename,0);
+   }
+@@ -3089,7 +3092,7 @@ struct lemon *lemp;
+   }
+   in = fopen(tpltname,"rb");
+   if( in==0 ){
+-    fprintf(stderr,"Can't open the template file \"%s\".\n",templatename);
++    fprintf(stderr,"Can't open the template file \"%s\".\n",tpltname);
+     lemp->errorcnt++;
+     return 0;
+   }
+@@ -3827,7 +3830,7 @@ int mhflag;     /* Output in makeheaders
+   /* Generate a table containing the symbolic name of every symbol
+   */
+   for(i=0; i<lemp->nsymbol; i++){
+-    sprintf(line,"\"%s\",",lemp->symbols[i]->name);
++    snprintf(line,sizeof line,"\"%s\",",lemp->symbols[i]->name);
+     fprintf(out,"  %-15s",line);
+     if( (i&3)==3 ){ fprintf(out,"\n"); lineno++; }
+   }
+@@ -3983,7 +3986,7 @@ struct lemon *lemp;
+   in = file_open(lemp,".h","rb");
+   if( in ){
+     for(i=1; i<lemp->nterminal && fgets(line,LINESIZE,in); i++){
+-      sprintf(pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i);
++      snprintf(pattern,sizeof pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i);
+       if( strcmp(line,pattern) ) break;
+     }
+     fclose(in);
diff --git a/sqlite.spec b/sqlite.spec
index 096feb7..abe9001 100644
--- a/sqlite.spec
+++ b/sqlite.spec
@@ -6,13 +6,15 @@
 Summary: Library that implements an embeddable SQL database engine
 Name: sqlite
 Version: 3.6.6.2
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: Public Domain
 Group: 	Applications/Databases
 URL: http://www.sqlite.org/
 Source: http://www.sqlite.org/sqlite-%{version}.tar.gz
 # Fix build with --enable-load-extension, upstream ticket #3137
 Patch1: sqlite-3.6.6.2-libdl.patch
+# Avoid insecure sprintf(), use a system path for lempar.c, patch from Debian
+Patch2: sqlite-3.6.6.2-lemon-snprintf.patch
 Obsoletes: sqlite3 sqlite3-devel
 BuildRequires: ncurses-devel readline-devel glibc-devel
 %if %{with tcl}
@@ -43,6 +45,21 @@ This package contains the header files and development documentation
 for %{name}. If you like to develop programs using %{name}, you will need 
 to install %{name}-devel.
 
+%package -n lemon
+Summary: A parser generator
+Group: Development/Tools
+
+%description -n lemon
+Lemon is an LALR(1) parser generator for C or C++. It does the same
+job as bison and yacc. But lemon is not another bison or yacc
+clone. It uses a different grammar syntax which is designed to reduce
+the number of coding errors. Lemon also uses a more sophisticated
+parsing engine that is faster than yacc and bison and which is both
+reentrant and thread-safe. Furthermore, Lemon implements features
+that can be used to eliminate resource leaks, making is suitable for
+use in long-running programs such as graphical user interfaces or
+embedded controllers.
+
 %if %{with tcl}
 %package tcl
 Summary: Tcl module for the sqlite3 embeddable SQL database engine.
@@ -57,6 +74,7 @@ This package contains the tcl modules for %{name}.
 %prep
 %setup -q
 %patch1 -p1 -b .libdl
+%patch2 -p1 -b .lemon-sprintf
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 -DSQLITE_DISABLE_DIRSYNC=1 -Wall"
@@ -73,7 +91,9 @@ rm -rf $RPM_BUILD_ROOT
 
 make DESTDIR=${RPM_BUILD_ROOT} %{?with_tcl:TCLLIBDIR=%{tcl_sitearch}} install
 
-%{__install} -D -m0644 sqlite3.1 %{buildroot}%{_mandir}/man1/sqlite3.1
+install -D -m0644 sqlite3.1 $RPM_BUILD_ROOT/%{_mandir}/man1/sqlite3.1
+install -D -m0755 lemon $RPM_BUILD_ROOT/%{_bindir}/lemon
+install -D -m0655 tool/lempar.c $RPM_BUILD_ROOT/%{_datadir}/lemon/lempar.c
 
 %if %{with tcl}
 # fix up permissions to enable dep extraction
@@ -113,6 +133,11 @@ rm -rf $RPM_BUILD_ROOT
 %exclude %{_libdir}/*.la
 %endif
 
+%files -n lemon
+%defattr(-, root, root)
+%{_bindir}/lemon
+%{_datadir}/lemon
+
 %if %{with tcl}
 %files tcl
 %defattr(-, root, root)
@@ -120,6 +145,9 @@ rm -rf $RPM_BUILD_ROOT
 %endif
 
 %changelog
+* Fri Dec 05 2008 Panu Matilainen <pmatilai@redhat.com> - 3.6.6.2-4
+- add lemon subpackage
+
 * Thu Dec  4 2008 Matthias Clasen <mclasen@redhat.com> - 3.6.6.2-3
 - Rebuild for pkg-config provides