authorMike Frysinger <vapier@gentoo.org>2004-09-29 14:19:29 +0000
committerMike Frysinger <vapier@gentoo.org>2004-09-29 14:19:29 +0000
commit7ac7c8aee502f7e5600671ef993c0261a841a6fe (patch)
tree3d9f869677d374524012da030feaa3f2714e09a9 /app-arch/sharutils/files
parentrename patch (diff)
fix some buffer overflows #65773
Diffstat (limited to 'app-arch/sharutils/files')
-rw-r--r--app-arch/sharutils/files/digest-sharutils-4.2.1-r101
-rw-r--r--app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch60
2 files changed, 61 insertions, 0 deletions
diff --git a/app-arch/sharutils/files/digest-sharutils-4.2.1-r10 b/app-arch/sharutils/files/digest-sharutils-4.2.1-r10
new file mode 100644
index 000000000000..afb942300ec9
--- /dev/null
+++ b/app-arch/sharutils/files/digest-sharutils-4.2.1-r10
@@ -0,0 +1 @@
+MD5 b8ba1d409f07edcb335ff72a27bd9828 sharutils-4.2.1.tar.gz 306022
diff --git a/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch b/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch
new file mode 100644
index 000000000000..974677156496
--- /dev/null
+++ b/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch
@@ -0,0 +1,60 @@
+diff -Naur ./sharutils-4.2.1/src/shar.c ./sharutils-4.2.1_new/src/shar.c
+--- ./sharutils-4.2.1/src/shar.c 1999-09-10 21:20:41.000000000 +0200
++++ ./sharutils-4.2.1_new/src/shar.c 2004-09-29 15:09:40.790061000 +0200
+@@ -1571,7 +1571,7 @@
+ sprintf (command, "%s '%s'", CHARACTER_COUNT_COMMAND, local_name);
+ if (pfp = popen (command, "r"), pfp)
+ {
+- char wc[BUFSIZ];
++ char wc[BUFSIZ], tempform[50];
+ const char *prefix = "";
+
+ if (did_md5)
+@@ -1579,8 +1579,8 @@
+ fputs (" else\n", output);
+ prefix = " ";
+ }
+-
+- fscanf (pfp, "%s", wc);
++ sprintf (tempform, "%%%ds", BUFSIZ - 1);
++ fscanf (pfp, tempform, wc);
+ fprintf (output, "\
+ %s shar_count=\"`%s '%s'`\"\n\
+ %s test %s -eq \"$shar_count\" ||\n\
+diff -Naur ./sharutils-4.2.1/src/unshar.c ./sharutils-4.2.1_new/src/unshar.c
+--- ./sharutils-4.2.1/src/unshar.c 1995-11-21 17:22:14.000000000 +0100
++++ ./sharutils-4.2.1_new/src/unshar.c 2004-09-29 15:09:44.682469264 +0200
+@@ -346,8 +346,8 @@
+ {
+ size_t size_read;
+ FILE *file;
+- char name_buffer[NAME_BUFFER_SIZE];
+- char copy_buffer[NAME_BUFFER_SIZE];
++ char name_buffer[NAME_BUFFER_SIZE] = {'\0'};
++ char copy_buffer[NAME_BUFFER_SIZE] = {'\0'};
+ int optchar;
+
+ program_name = argv[0];
+@@ -409,14 +409,14 @@
+ if (optind < argc)
+ for (; optind < argc; optind++)
+ {
+- if (argv[optind][0] == '/')
+- stpcpy (name_buffer, argv[optind]);
+- else
+- {
+- char *cp = stpcpy (name_buffer, current_directory);
+- *cp++ = '/';
+- stpcpy (cp, argv[optind]);
+- }
++ if (argv[optind][0] == '/') {
++ strncpy (name_buffer, argv[optind], sizeof(name_buffer));
++ name_buffer[sizeof(name_buffer)-1] = '\0';
++ }
++ else {
++ snprintf(name_buffer, sizeof(name_buffer),"%s/%s", current_directory, argv[optind]);
++ name_buffer[sizeof(name_buffer)-1] = '\0';
++ }
+ if (file = fopen (name_buffer, "r"), !file)
+ error (EXIT_FAILURE, errno, name_buffer);
+ unarchive_shar_file (name_buffer, file);
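Review bot: In the unshar.c part of the added patch, the new `strncpy` and `snprintf` calls silently truncate an over-long path, so `fopen` is then attempted on a different name than the one given on the command line; the length should be checked and the argument rejected, e.g. `if ((size_t) snprintf (name_buffer, sizeof name_buffer, "%s/%s", current_directory, argv[optind]) >= sizeof name_buffer) error (EXIT_FAILURE, ENAMETOOLONG, "%s", argv[optind]);`, with the same test on the absolute-path branch. The context line `error (EXIT_FAILURE, errno, name_buffer);` still passes the argv-derived path as the format string and would be safer as `error (EXIT_FAILURE, errno, "%s", name_buffer);`. In shar.c the `fscanf` result is unchecked, so `wc` may be printed uninitialised when the counting command produces no output, and the `sprintf (command, ...)` just above the fix is still unbounded (the size of `command` is not visible here). Both patched functions start and end outside the quoted hunks.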