Here's the excerpt from my
post to to ports@ containing the new patch file. Since this is a new file intended to be added with patch(1), all lines in the file are inserts and begin with a
+ character. Only the lines that begin with
++ are actually inserted into the application. Those merely add two pledge() calls at different points in the main module, wrapped in pre-processor token tests -- this application builds the same module multiple ways for different executable binaries.
They are also nearly the only documented code fragments in the application.
Code:
Index: patches/patch-CPP_7zip_UI_Console_Main_cpp
===================================================================
RCS file: patches/patch-CPP_7zip_UI_Console_Main_cpp
diff -N patches/patch-CPP_7zip_UI_Console_Main_cpp
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ patches/patch-CPP_7zip_UI_Console_Main_cpp 18 Jan 2016 15:05:44 -0000
@@ -0,0 +1,43 @@
+$OpenBSD$
+
+Pledge archivers/p7zip binaries
+
+--- CPP/7zip/UI/Console/Main.cpp.orig Sat Oct 17 11:20:22 2015
++++ CPP/7zip/UI/Console/Main.cpp Mon Jan 18 10:05:31 2016
+@@ -484,6 +484,18 @@ int Main2(
+ #endif
+ )
+ {
++
++// pledge 7za and 7zr at this point, they take different paths than 7z.
++
++#ifndef EXTERNAL_CODECS
++
++ if (pledge("stdio rpath wpath cpath fattr", NULL) == -1) {
++ perror("pledge");
++ exit(1);
++ }
++
++#endif
++
+ #if defined(_WIN32) && !defined(UNDER_CE)
+ SetFileApisToOEM();
+ #endif
+@@ -579,6 +591,17 @@ int Main2(
+ codecs->CaseSensitiveChange = options.CaseSensitiveChange;
+ codecs->CaseSensitive = options.CaseSensitive;
+ ThrowException_if_Error(codecs->Load());
++
++// pledge 7z here
++
++#ifdef EXTERNAL_CODECS
++
++ if (pledge("stdio rpath wpath cpath fattr", NULL) == -1) {
++ perror("pledge");
++ exit(1);
++ }
++
++#endif
+
+ bool isExtractGroupCommand = options.Command.IsFromExtractGroup();
+