diff options
author | Ned Ludd <solar@gentoo.org> | 2004-05-15 16:53:02 +0000 |
---|---|---|
committer | Ned Ludd <solar@gentoo.org> | 2004-05-15 16:53:02 +0000 |
commit | 4f746d2cd66ffe002cdcdf8c9eeca1fa1855e95e (patch) | |
tree | f0259e272948ffdbf53d73265d788170d69509a3 /app-arch/sharutils | |
parent | Stable on sparc (diff) | |
download | historical-4f746d2cd66ffe002cdcdf8c9eeca1fa1855e95e.tar.gz historical-4f746d2cd66ffe002cdcdf8c9eeca1fa1855e95e.tar.bz2 historical-4f746d2cd66ffe002cdcdf8c9eeca1fa1855e95e.zip |
Use patch supplied by Michael Schröder: http://bugzilla.suse.de [#39122, password protected]
Submitted to Gentoo by Karl Eichwalder <ke@gnu.franken.de>
Fix format string handling problems with command line parsing shar -o
Gentoo security bug #46998
Diffstat (limited to 'app-arch/sharutils')
-rw-r--r-- | app-arch/sharutils/ChangeLog | 11 | ||||
-rw-r--r-- | app-arch/sharutils/Manifest | 6 | ||||
-rw-r--r-- | app-arch/sharutils/files/digest-sharutils-4.2.1-r9 | 1 | ||||
-rw-r--r-- | app-arch/sharutils/files/sharutils-4.2.1-buffer-check.patch | 99 | ||||
-rw-r--r-- | app-arch/sharutils/sharutils-4.2.1-r9.ebuild | 63 |
5 files changed, 171 insertions, 9 deletions
diff --git a/app-arch/sharutils/ChangeLog b/app-arch/sharutils/ChangeLog index 21bf6f92798f..a0c6c5250531 100644 --- a/app-arch/sharutils/ChangeLog +++ b/app-arch/sharutils/ChangeLog @@ -1,6 +1,15 @@ # ChangeLog for app-arch/sharutils # Copyright 2002-2004 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/ChangeLog,v 1.8 2004/04/10 07:20:17 mr_bones_ Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/ChangeLog,v 1.9 2004/05/15 16:53:02 solar Exp $ + +*sharutils-4.2.1-r9 (15 May 2004) + + 15 May 2004; <solar@gentoo.org> sharutils-4.2.1-r9.ebuild, + files/sharutils-4.2.1-buffer-check.patch: + Use patch supplied by Michael Schröder: http://bugzilla.suse.de [#39122, + password protected] Submitted to Gentoo by Karl Eichwalder <ke@gnu.franken.de> + Fix format string handling problems with command line parsing shar -o Gentoo + security bug #46998 10 Apr 2004; Michael Sterrett <mr_bones_@gentoo.org> sharutils-4.2.1-r6.ebuild, sharutils-4.2.1-r7.ebuild, diff --git a/app-arch/sharutils/Manifest b/app-arch/sharutils/Manifest index 7b4a077f159d..f983551bad3d 100644 --- a/app-arch/sharutils/Manifest +++ b/app-arch/sharutils/Manifest @@ -1,9 +1,11 @@ -MD5 646e6324ea5d132ce52143222cb8bf9d ChangeLog 2992 +MD5 18bd121179048caea18fba964b6b43a2 ChangeLog 3387 MD5 ad2c8d9e6aadb667f4d23695ea506711 sharutils-4.2.1-r6.ebuild 1379 MD5 45aa49d0ec9ad55622e4576fcc6cfe82 sharutils-4.2.1-r7.ebuild 1263 MD5 e1b8b5ee3ea291ad60c04ddc3ca1e106 sharutils-4.2.1-r8.ebuild 1373 +MD5 3e7b719567a159b382afcffb88b4c756 sharutils-4.2.1-r9.ebuild 1377 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r6 67 MD5 7d4e2f6e03e950c25babc22219bee53d files/sharutils-4.2.1-r6-gentoo.diff 3253 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r7 67 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r8 67 -MD5 d9745ded9b7d77d91dbff930598badcd files/sharutils-4.2.1-buffer-check.patch 356 +MD5 aeb2dc437bac48b13e8ebc1d632013ad files/sharutils-4.2.1-buffer-check.patch 2416 +MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r9 67 diff --git a/app-arch/sharutils/files/digest-sharutils-4.2.1-r9 b/app-arch/sharutils/files/digest-sharutils-4.2.1-r9 new file mode 100644 index 000000000000..afb942300ec9 --- /dev/null +++ b/app-arch/sharutils/files/digest-sharutils-4.2.1-r9 @@ -0,0 +1 @@ +MD5 b8ba1d409f07edcb335ff72a27bd9828 sharutils-4.2.1.tar.gz 306022 diff --git a/app-arch/sharutils/files/sharutils-4.2.1-buffer-check.patch b/app-arch/sharutils/files/sharutils-4.2.1-buffer-check.patch index 96ad67645019..46cf35e8a7f4 100644 --- a/app-arch/sharutils/files/sharutils-4.2.1-buffer-check.patch +++ b/app-arch/sharutils/files/sharutils-4.2.1-buffer-check.patch @@ -1,11 +1,98 @@ ---- src/shar.c.orig 2004-04-06 17:51:40.849154592 -0400 -+++ src/shar.c 2004-04-06 17:53:13.843017376 -0400 -@@ -1905,7 +1905,7 @@ +Index: src/shar.c +=================================================================== +RCS file: /home/ke/cvsroot/sharutils/src/shar.c,v +retrieving revision 1.22 +diff -u -r1.22 shar.c +--- src/shar.c 2 Dec 2002 20:52:10 -0000 1.22 ++++ src/shar.c 15 May 2004 09:13:16 -0000 +@@ -255,11 +255,11 @@ + /* Position for first file in the shar file. */ + static off_t first_file_position; + +-/* Base for output filename. FIXME: No fix limit in GNU... */ +-static char output_base_name[50]; ++/* Base for output filename. */ ++static char *output_base_name; + +-/* Actual output filename. FIXME: No fix limit in GNU... */ +-static char output_filename[50]; ++/* Actual output filename. */ ++static char *output_filename; + + static char *submitter_address = NULL; + +@@ -1727,7 +1727,12 @@ + static void + open_output () + { +- sprintf (output_filename, output_base_name, ++part_number); ++ size_t l; ++ l = strlen(output_base_name) + 128; ++ if (output_filename) ++ free(output_filename); ++ output_filename = xmalloc(l); ++ snprintf(output_filename, l, output_base_name, ++part_number); + output = fopen (output_filename, "w"); + if (!output) + error (EXIT_FAILURE, errno, _("Opening `%s'"), output_filename); +@@ -1907,6 +1912,42 @@ + file_size_limit = lim; + } + ++ ++char *parse_output_base_name(char *arg) ++{ ++ int c; ++ int hadarg = 0; ++ char *fmt, *p; ++ ++ for (p = arg ; (c = *p++) != 0; ) ++ { ++ if (c != '%') ++ continue; ++ c = *p++; ++ if (c == '%') ++ continue; ++ if (hadarg) ++ return 0; ++ while (c != 0 && strchr("#0+- 'I", c) != 0) ++ c = *p++; ++ while (c != 0 && c >= '0' && c <= '9') ++ c = *p++; ++ if (c == '.') ++ c = *p++; ++ while (c != 0 && c >= '0' && c <= '9') ++ c = *p++; ++ if (c == 0 || strchr("diouxX", c) == 0) ++ return 0; ++ hadarg = 1; ++ } ++ fmt = xmalloc(strlen(arg) + (hadarg ? 1 : 6)); ++ strcpy(fmt, arg); ++ if (!hadarg) ++ strcat(fmt, ".%02d"); ++ return fmt; ++} ++ ++ + /*---. + | ? | + `---*/ +@@ -2047,9 +2088,14 @@ break; case 'o': - strcpy (output_base_name, optarg); -+ strncpy (output_base_name, optarg, sizeof(output_base_name)); - if (!strchr (output_base_name, '%')) - strcat (output_base_name, ".%02d"); +- if (!strchr (output_base_name, '%')) +- strcat (output_base_name, ".%02d"); ++ if (output_base_name) ++ free (output_base_name); ++ output_base_name = parse_output_base_name(optarg); ++ if (!output_base_name) ++ { ++ fprintf (stderr, _("illegal output prefix\n")); ++ exit (EXIT_FAILURE); ++ } part_number = 0; + open_output (); + break; diff --git a/app-arch/sharutils/sharutils-4.2.1-r9.ebuild b/app-arch/sharutils/sharutils-4.2.1-r9.ebuild new file mode 100644 index 000000000000..0dc9b638d7d9 --- /dev/null +++ b/app-arch/sharutils/sharutils-4.2.1-r9.ebuild @@ -0,0 +1,63 @@ +# Copyright 1999-2004 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/sharutils-4.2.1-r9.ebuild,v 1.1 2004/05/15 16:53:02 solar Exp $ + +inherit eutils + +DESCRIPTION="Tools to deal with shar archives" +HOMEPAGE="http://www.gnu.org/software/sharutils/" +SRC_URI="mirror://gentoo/${P}.tar.gz + mirror://gnu/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~x86 ~amd64 ~ppc ~sparc ~alpha ~hppa ~ia64 ~ppc64 ~s390 ~mips" +IUSE="nls" + +RDEPEND="sys-apps/texinfo + nls? ( >=sys-devel/gettext-0.10.35 )" +DEPEND="${RDEPEND} + >=sys-apps/sed-4" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/${P}-r6-gentoo.diff + epatch ${FILESDIR}/${P}-buffer-check.patch #46998 + + cd ${S}/po + cp ja_JP.EUC.po ja.po + cp ja_JP.EUC.gmo ja.gmo + sed -i \ + -e 's/aangemaakt/aangemaakt\\n/' nl.po \ + || die "sed nl.po failed" + sed -i \ + -e 's/de %dk/de %dk\\n/' pt.po \ + || die "sed pt.po failed" +} + +src_compile() { + econf `use_enable nls` || die + emake || die "emake failed" +} + +src_install() { + local x= + + einstall \ + localedir=${D}/usr/share/locale \ + || die + + doman doc/*.[15] + # Remove some strange locales + cd ${D}/usr/share/locale + for x in *. + do + rm -rf ${x} + done + rm -rf ${D}/usr/lib + + cd ${S} + dodoc AUTHORS BACKLOG ChangeLog ChangeLog.OLD \ + NEWS README README.OLD THANKS TODO +} |