diff options
author | Mike Frysinger <vapier@gentoo.org> | 2004-09-29 14:19:29 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2004-09-29 14:19:29 +0000 |
commit | 7ac7c8aee502f7e5600671ef993c0261a841a6fe (patch) | |
tree | 3d9f869677d374524012da030feaa3f2714e09a9 /app-arch | |
parent | rename patch (diff) | |
download | historical-7ac7c8aee502f7e5600671ef993c0261a841a6fe.tar.gz historical-7ac7c8aee502f7e5600671ef993c0261a841a6fe.tar.bz2 historical-7ac7c8aee502f7e5600671ef993c0261a841a6fe.zip |
fix some buffer overflows #65773
Diffstat (limited to 'app-arch')
-rw-r--r-- | app-arch/sharutils/ChangeLog | 8 | ||||
-rw-r--r-- | app-arch/sharutils/Manifest | 11 | ||||
-rw-r--r-- | app-arch/sharutils/files/digest-sharutils-4.2.1-r10 | 1 | ||||
-rw-r--r-- | app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch | 60 | ||||
-rw-r--r-- | app-arch/sharutils/sharutils-4.2.1-r10.ebuild | 64 |
5 files changed, 139 insertions, 5 deletions
diff --git a/app-arch/sharutils/ChangeLog b/app-arch/sharutils/ChangeLog index db94114fdd92..ba305a3d29b8 100644 --- a/app-arch/sharutils/ChangeLog +++ b/app-arch/sharutils/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-arch/sharutils # Copyright 2002-2004 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/ChangeLog,v 1.16 2004/06/24 21:36:05 agriffis Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/ChangeLog,v 1.17 2004/09/29 14:19:29 vapier Exp $ + +*sharutils-4.2.1-r10 (29 Sep 2004) + + 29 Sep 2004; Mike Frysinger <vapier@gentoo.org> + +files/sharutils-4.2.1-buffer-limits.patch, +sharutils-4.2.1-r10.ebuild: + Add patch from Debian/Florian Schilhabel to fix some buffer overflows #65773. 16 May 2004; Luca Barbato <lu_zero@gentoo.org> sharutils-4.2.1-r9.ebuild: Marked ppc diff --git a/app-arch/sharutils/Manifest b/app-arch/sharutils/Manifest index e4075b68227f..70ebae8cd9b8 100644 --- a/app-arch/sharutils/Manifest +++ b/app-arch/sharutils/Manifest @@ -1,21 +1,24 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 -MD5 9136157dad90f211f016fc86705dc7cf ChangeLog 3984 +MD5 52182f2ad282d96e3056b09c488132ac ChangeLog 4224 MD5 7d313fd6562f5fd1ac6c4e2661261a1d sharutils-4.2.1-r6.ebuild 1357 MD5 6852f6aad3472c6c3421c8f6e182aff7 sharutils-4.2.1-r7.ebuild 1239 MD5 9f3f9b2fae7ccd2869380755a6b6a398 sharutils-4.2.1-r8.ebuild 1359 MD5 2bf8431a4672f447fe8f386469bb28d5 sharutils-4.2.1-r9.ebuild 1362 +MD5 319fcb491d5d8021de8c0c533b3c3fbf sharutils-4.2.1-r10.ebuild 1427 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r6 67 +MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r10 67 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r7 67 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r8 67 MD5 aeb2dc437bac48b13e8ebc1d632013ad files/sharutils-4.2.1-buffer-check.patch 2416 MD5 a0ed4cfc65c5d37392c6b3816d3fbdbe files/digest-sharutils-4.2.1-r9 67 MD5 7d4e2f6e03e950c25babc22219bee53d files/sharutils-4.2.1-gentoo.patch 3253 +MD5 567118e62dd91c695bdffe56281a5324 files/sharutils-4.2.1-buffer-limits.patch 1980 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.9.10 (GNU/Linux) -iD8DBQFBWsPKHTu7gpaalycRAnfKAJ9OAz16Ra9yyzPjRZ6gZ2NN3MNhTwCcC1gS -Z/2xe0zQ37FjgctdQHEEESc= -=FjWF +iD8DBQFBWsSBHTu7gpaalycRAkUQAJwNjJdVACF78BisbKrTO4KouHvyqQCeKrCW +hOk0QdfHjV10jUkVdc2sLls= +=EdBP -----END PGP SIGNATURE----- diff --git a/app-arch/sharutils/files/digest-sharutils-4.2.1-r10 b/app-arch/sharutils/files/digest-sharutils-4.2.1-r10 new file mode 100644 index 000000000000..afb942300ec9 --- /dev/null +++ b/app-arch/sharutils/files/digest-sharutils-4.2.1-r10 @@ -0,0 +1 @@ +MD5 b8ba1d409f07edcb335ff72a27bd9828 sharutils-4.2.1.tar.gz 306022 diff --git a/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch b/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch new file mode 100644 index 000000000000..974677156496 --- /dev/null +++ b/app-arch/sharutils/files/sharutils-4.2.1-buffer-limits.patch @@ -0,0 +1,60 @@ +diff -Naur ./sharutils-4.2.1/src/shar.c ./sharutils-4.2.1_new/src/shar.c +--- ./sharutils-4.2.1/src/shar.c 1999-09-10 21:20:41.000000000 +0200 ++++ ./sharutils-4.2.1_new/src/shar.c 2004-09-29 15:09:40.790061000 +0200 +@@ -1571,7 +1571,7 @@ + sprintf (command, "%s '%s'", CHARACTER_COUNT_COMMAND, local_name); + if (pfp = popen (command, "r"), pfp) + { +- char wc[BUFSIZ]; ++ char wc[BUFSIZ], tempform[50]; + const char *prefix = ""; + + if (did_md5) +@@ -1579,8 +1579,8 @@ + fputs (" else\n", output); + prefix = " "; + } +- +- fscanf (pfp, "%s", wc); ++ sprintf (tempform, "%%%ds", BUFSIZ - 1); ++ fscanf (pfp, tempform, wc); + fprintf (output, "\ + %s shar_count=\"`%s '%s'`\"\n\ + %s test %s -eq \"$shar_count\" ||\n\ +diff -Naur ./sharutils-4.2.1/src/unshar.c ./sharutils-4.2.1_new/src/unshar.c +--- ./sharutils-4.2.1/src/unshar.c 1995-11-21 17:22:14.000000000 +0100 ++++ ./sharutils-4.2.1_new/src/unshar.c 2004-09-29 15:09:44.682469264 +0200 +@@ -346,8 +346,8 @@ + { + size_t size_read; + FILE *file; +- char name_buffer[NAME_BUFFER_SIZE]; +- char copy_buffer[NAME_BUFFER_SIZE]; ++ char name_buffer[NAME_BUFFER_SIZE] = {'\0'}; ++ char copy_buffer[NAME_BUFFER_SIZE] = {'\0'}; + int optchar; + + program_name = argv[0]; +@@ -409,14 +409,14 @@ + if (optind < argc) + for (; optind < argc; optind++) + { +- if (argv[optind][0] == '/') +- stpcpy (name_buffer, argv[optind]); +- else +- { +- char *cp = stpcpy (name_buffer, current_directory); +- *cp++ = '/'; +- stpcpy (cp, argv[optind]); +- } ++ if (argv[optind][0] == '/') { ++ strncpy (name_buffer, argv[optind], sizeof(name_buffer)); ++ name_buffer[sizeof(name_buffer)-1] = '\0'; ++ } ++ else { ++ snprintf(name_buffer, sizeof(name_buffer),"%s/%s", current_directory, argv[optind]); ++ name_buffer[sizeof(name_buffer)-1] = '\0'; ++ } + if (file = fopen (name_buffer, "r"), !file) + error (EXIT_FAILURE, errno, name_buffer); + unarchive_shar_file (name_buffer, file); diff --git a/app-arch/sharutils/sharutils-4.2.1-r10.ebuild b/app-arch/sharutils/sharutils-4.2.1-r10.ebuild new file mode 100644 index 000000000000..9e1ada9bbf0d --- /dev/null +++ b/app-arch/sharutils/sharutils-4.2.1-r10.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2004 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-arch/sharutils/sharutils-4.2.1-r10.ebuild,v 1.1 2004/09/29 14:19:29 vapier Exp $ + +inherit eutils + +DESCRIPTION="Tools to deal with shar archives" +HOMEPAGE="http://www.gnu.org/software/sharutils/" +SRC_URI="mirror://gentoo/${P}.tar.gz + mirror://gnu/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~mips ~ppc ~ppc64 ~s390 ~sparc ~x86" +IUSE="nls" + +RDEPEND="sys-apps/texinfo + nls? ( >=sys-devel/gettext-0.10.35 )" +DEPEND="${RDEPEND} + >=sys-apps/sed-4" + +src_unpack() { + unpack ${A} + cd ${S} + epatch ${FILESDIR}/${P}-r6-gentoo.diff + epatch ${FILESDIR}/${P}-buffer-check.patch #46998 + epatch ${FILESDIR}/${P}-buffer-limits.patch #65773 + + cd ${S}/po + cp ja_JP.EUC.po ja.po + cp ja_JP.EUC.gmo ja.gmo + sed -i \ + -e 's/aangemaakt/aangemaakt\\n/' nl.po \ + || die "sed nl.po failed" + sed -i \ + -e 's/de %dk/de %dk\\n/' pt.po \ + || die "sed pt.po failed" +} + +src_compile() { + econf `use_enable nls` || die + emake || die "emake failed" +} + +src_install() { + local x= + + einstall \ + localedir=${D}/usr/share/locale \ + || die + + doman doc/*.[15] + # Remove some strange locales + cd ${D}/usr/share/locale + for x in *. + do + rm -rf ${x} + done + rm -rf ${D}/usr/lib + + cd ${S} + dodoc AUTHORS BACKLOG ChangeLog ChangeLog.OLD \ + NEWS README README.OLD THANKS TODO +} |