diff options
Diffstat (limited to 'app-arch/lha')
-rw-r--r-- | app-arch/lha/Manifest | 44 | ||||
-rw-r--r-- | app-arch/lha/files/digest-lha-114i-r5 | 3 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-build.patch | 52 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-detect-cmd-extract-fail.patch | 150 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-dir_length_bounds_check.patch | 20 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-malloc.patch | 10 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-sec.patch | 75 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-sec2.patch | 191 | ||||
-rw-r--r-- | app-arch/lha/files/lha-114i-symlink.patch | 10 | ||||
-rw-r--r-- | app-arch/lha/lha-114i-r5.ebuild | 39 |
10 files changed, 4 insertions, 590 deletions
diff --git a/app-arch/lha/Manifest b/app-arch/lha/Manifest index 7c931b9d6bda..70610a3b5a82 100644 --- a/app-arch/lha/Manifest +++ b/app-arch/lha/Manifest @@ -1,52 +1,16 @@ -AUX lha-114i-build.patch 1450 RMD160 6e5a46bc57b59c0de1ce0658c0323e098389de72 SHA1 1b9ae535a9447b4abe079e2dd340a76ddd564ab7 SHA256 8087c4b5a088b13472741282b08a2055abcca9e1c3214411c3a96a1398429841 -MD5 6cea43d9473cb137305f2a1c9175eac6 files/lha-114i-build.patch 1450 -RMD160 6e5a46bc57b59c0de1ce0658c0323e098389de72 files/lha-114i-build.patch 1450 -SHA256 8087c4b5a088b13472741282b08a2055abcca9e1c3214411c3a96a1398429841 files/lha-114i-build.patch 1450 -AUX lha-114i-detect-cmd-extract-fail.patch 3151 RMD160 0e9d798b5fe826a07a03e79cdf4de2eac6d80728 SHA1 12b79b0307926761bb6ce40e746565637f3a30b2 SHA256 27ac937107a3c31741506cf98568b702404e92f183e1bc7c8cadde1230eec81c -MD5 bf52f3a88c9f88cdbaadda926050333e files/lha-114i-detect-cmd-extract-fail.patch 3151 -RMD160 0e9d798b5fe826a07a03e79cdf4de2eac6d80728 files/lha-114i-detect-cmd-extract-fail.patch 3151 -SHA256 27ac937107a3c31741506cf98568b702404e92f183e1bc7c8cadde1230eec81c files/lha-114i-detect-cmd-extract-fail.patch 3151 -AUX lha-114i-dir_length_bounds_check.patch 502 RMD160 6f7c46e25f39a32dbfe171c3a739d66dfcd93f47 SHA1 647b682fee58c34e5f94e35479c5440905836446 SHA256 8046b3af6929c7de7c6dd8ba2059069a29ae19dc147d5991f690605e2dd60c66 -MD5 de7e57548c17115a6a39b8cb5f88234d files/lha-114i-dir_length_bounds_check.patch 502 -RMD160 6f7c46e25f39a32dbfe171c3a739d66dfcd93f47 files/lha-114i-dir_length_bounds_check.patch 502 -SHA256 8046b3af6929c7de7c6dd8ba2059069a29ae19dc147d5991f690605e2dd60c66 files/lha-114i-dir_length_bounds_check.patch 502 -AUX lha-114i-malloc.patch 180 RMD160 d637120f84146cc28fd683d0375d13b043614d77 SHA1 90d80f2b3618b590468f2ddf5477abf6ed6bb0e7 SHA256 a3528c528f5c72d9377ef3255841aa84284e15cae8cd9bcd1e5ff4feca155f35 -MD5 e05cbc314ebdf97cf509c953c49de9d4 files/lha-114i-malloc.patch 180 -RMD160 d637120f84146cc28fd683d0375d13b043614d77 files/lha-114i-malloc.patch 180 -SHA256 a3528c528f5c72d9377ef3255841aa84284e15cae8cd9bcd1e5ff4feca155f35 files/lha-114i-malloc.patch 180 -AUX lha-114i-sec.patch 1621 RMD160 0fd7ffd502ceca96afce5edab883819c5154a102 SHA1 0758078fa8d900ba7dfd615351759eba3c56cfe0 SHA256 58102e25ee974884f1577644be21b5a68e474e999405644d15451d5bea91022b -MD5 a1ef659783bc7224c48dbc07cf436788 files/lha-114i-sec.patch 1621 -RMD160 0fd7ffd502ceca96afce5edab883819c5154a102 files/lha-114i-sec.patch 1621 -SHA256 58102e25ee974884f1577644be21b5a68e474e999405644d15451d5bea91022b files/lha-114i-sec.patch 1621 -AUX lha-114i-sec2.patch 5754 RMD160 e42b0b48cdab5414cd1e523f626b4fbb58f93e91 SHA1 430ae7c05f50d307e58851894cf2aaf99c757473 SHA256 8669ffe555751cbb8566c91111fbc6e7eeaf7630a999e7dcf7710dd8d288236f -MD5 f44e42e6131c63f0e2e67e49732b6e57 files/lha-114i-sec2.patch 5754 -RMD160 e42b0b48cdab5414cd1e523f626b4fbb58f93e91 files/lha-114i-sec2.patch 5754 -SHA256 8669ffe555751cbb8566c91111fbc6e7eeaf7630a999e7dcf7710dd8d288236f files/lha-114i-sec2.patch 5754 -AUX lha-114i-symlink.patch 228 RMD160 f869f4ced6619b78b4a89d8846e1bf2d5ec9ecc1 SHA1 b1181558bf6d7abacfcd835a56a80bf2fb4f34ba SHA256 9664a3bd67bf1dd5b68c6b6f638b7ca680a363d898e056f48a7feafec592f029 -MD5 d409c5c0a2b75a477e7baa7ebc62a559 files/lha-114i-symlink.patch 228 -RMD160 f869f4ced6619b78b4a89d8846e1bf2d5ec9ecc1 files/lha-114i-symlink.patch 228 -SHA256 9664a3bd67bf1dd5b68c6b6f638b7ca680a363d898e056f48a7feafec592f029 files/lha-114i-symlink.patch 228 DIST lha-1.14i-ac20050924p1.tar.gz 285518 RMD160 7603dc93d8afdeed6cfbaa193f68ae4283bea39b SHA1 2491c8b584c21759f1d3819f57fa0e1cbc235092 SHA256 b5261e9f98538816aa9e64791f23cb83f1632ecda61f02e54b6749e9ca5e9ee4 -DIST lha-114i.tar.gz 64608 RMD160 c561e0758b467a61f45d287582effc53df29f01d SHA1 79e35271f2cf783f946db3f22e304fef72dbac99 SHA256 ffe9bbd437f47a960d714032f61da26b5dd38e3ef4ddc9c3763cc28c4983c091 -EBUILD lha-114i-r5.ebuild 1128 RMD160 56c7364f02ece5348039d039d2c74c1060c4b5a3 SHA1 898e375ed313d2099bb7d1dd890dc70fa64c4d6e SHA256 167cb4d31512a85a32ba3792f54205563fb07264df8da70a75b861456180a9ef -MD5 0d333832d8b6725f53a6163ef8b9dd69 lha-114i-r5.ebuild 1128 -RMD160 56c7364f02ece5348039d039d2c74c1060c4b5a3 lha-114i-r5.ebuild 1128 -SHA256 167cb4d31512a85a32ba3792f54205563fb07264df8da70a75b861456180a9ef lha-114i-r5.ebuild 1128 EBUILD lha-114i-r6.ebuild 701 RMD160 d3d89aa711ea5fdee8273f03f6582a6e3a7f9870 SHA1 e04cdb15cb93d15f9c0d6d4b90f7dc4f51e15ebe SHA256 5ef4a854efd17cd5c5df8f722c37bbedb45719f13cf096a0fbe119cf2f78232c MD5 2e7bdbdbfd8328be39b1db9cd4c64c5a lha-114i-r6.ebuild 701 RMD160 d3d89aa711ea5fdee8273f03f6582a6e3a7f9870 lha-114i-r6.ebuild 701 SHA256 5ef4a854efd17cd5c5df8f722c37bbedb45719f13cf096a0fbe119cf2f78232c lha-114i-r6.ebuild 701 -MISC ChangeLog 4764 RMD160 ab49d66a2c41a26bedf00df0f371bb947a3a5169 SHA1 36ec43971f40d7697d6d50964fa6210f2703930d SHA256 9a0ca63cf225ff580e9d3ffbdfd7a78bd296a7eeb4d941040ed90edb16c0341e -MD5 d45c551ca80c027cd328896d301c8759 ChangeLog 4764 -RMD160 ab49d66a2c41a26bedf00df0f371bb947a3a5169 ChangeLog 4764 -SHA256 9a0ca63cf225ff580e9d3ffbdfd7a78bd296a7eeb4d941040ed90edb16c0341e ChangeLog 4764 +MISC ChangeLog 5106 RMD160 75f65f7d17bda6e490a213e9dcd19bbf18a1029f SHA1 0801c7cddfb4a41003a23d4a86f1ee4f429e0287 SHA256 57b890843e7c9af10d1b52c3c77dfa2df16192d9eac3eba62fb45e569571bf81 +MD5 80428705f0ef62375eaf44fa32ffedeb ChangeLog 5106 +RMD160 75f65f7d17bda6e490a213e9dcd19bbf18a1029f ChangeLog 5106 +SHA256 57b890843e7c9af10d1b52c3c77dfa2df16192d9eac3eba62fb45e569571bf81 ChangeLog 5106 MISC metadata.xml 305 RMD160 5b5ca96f26991316b57bd45d83b9bad826021553 SHA1 06aad2805a4e027b6c1c7223d17206a24ec86478 SHA256 f4fec485b792dcd3e6b24220e008c488169c341582a79d4f921a6c5b78a21452 MD5 86a301d8316b740a5eedef42a711495f metadata.xml 305 RMD160 5b5ca96f26991316b57bd45d83b9bad826021553 metadata.xml 305 SHA256 f4fec485b792dcd3e6b24220e008c488169c341582a79d4f921a6c5b78a21452 metadata.xml 305 -MD5 7866b2a86bc4697ac985d0c1360ba3ac files/digest-lha-114i-r5 223 -RMD160 bb2f7aa9d5c94f735928aceed4e2aa045562102f files/digest-lha-114i-r5 223 -SHA256 ab764d5374211e8b49190f6dcd8edc5baa6a834ccbed321effb86482c73ef786 files/digest-lha-114i-r5 223 MD5 441f69493df467afee0d604e221e6efd files/digest-lha-114i-r6 268 RMD160 db50f782363c889ec7001f431b1083250841831e files/digest-lha-114i-r6 268 SHA256 de7bedaab76a80afe79cf26f4c4514531b3128ec1653f422a61e3ea251eabde1 files/digest-lha-114i-r6 268 diff --git a/app-arch/lha/files/digest-lha-114i-r5 b/app-arch/lha/files/digest-lha-114i-r5 deleted file mode 100644 index ebd249c9cc55..000000000000 --- a/app-arch/lha/files/digest-lha-114i-r5 +++ /dev/null @@ -1,3 +0,0 @@ -MD5 5225884d557b91f04124693e2c5c9e94 lha-114i.tar.gz 64608 -RMD160 c561e0758b467a61f45d287582effc53df29f01d lha-114i.tar.gz 64608 -SHA256 ffe9bbd437f47a960d714032f61da26b5dd38e3ef4ddc9c3763cc28c4983c091 lha-114i.tar.gz 64608 diff --git a/app-arch/lha/files/lha-114i-build.patch b/app-arch/lha/files/lha-114i-build.patch deleted file mode 100644 index 29895b329fe3..000000000000 --- a/app-arch/lha/files/lha-114i-build.patch +++ /dev/null @@ -1,52 +0,0 @@ ---- Makefile -+++ Makefile -@@ -23,14 +23,15 @@ - MACHINE = -DSYSTIME_HAS_NO_TM -DEUC -DSYSV_SYSTEM_DIR -DMKTIME - - #OPTIMIZE = -O2 -fstrength-reduce -fomit-frame-pointer --OPTIMIZE = -O2 -DSUPPORT_LH7 -DMKSTEMP -+OPTIMIZE = $(CFLAGS) -DSUPPORT_LH7 -DMKSTEMP - --BINDIR = /usr/local/bin --MANDIR = /usr/local/man --MANSECT = n -+DESTDIR = -+BINDIR = /usr/bin -+MANDIR = /usr/share/man/ja -+MANSECT = 1 - - INSTALL = install --INSTALLBIN = -s -m 755 -+INSTALLBIN = -m 755 - INSTALLMAN = -m 644 - - SUBDIRS = src man -@@ -42,6 +43,7 @@ - LIBRARYOBJS = patmatch$(O) - - MYMAKEFLAGS = 'BINDIR=$(BINDIR)' 'MANDIR=$(MANDIR)' 'MANSECT=$(MANSECT)'\ -+ 'DESTDIR=$(DESTDIR)' \ - 'INSTALL=$(INSTALL)' 'INSTALLBIN=$(INSTALLBIN)' 'INSTALLMAN=$(INSTALLMAN)'\ - 'CC=$(CC)' 'SWITCHES=$(SWITCHES)' 'O=$(O)' 'LIBRARYOBJS=$(LIBRARYOBJS)' \ - 'OPTIMIZE=$(OPTIMIZE)' 'MACHINE=$(MACHINE)' ---- man/Makefile -+++ man/Makefile -@@ -11,7 +11,8 @@ - $(NROFF) -man lha.n > lha.man - - install: -- $(INSTALL) $(INSTALLMAN) lha.n $(MANDIR)/man$(MANSECT)/lha.$(MANSECT) -+ mkdir -p `dirname $(DESTDIR)$(MANDIR)/man$(MANSECT)/lha.$(MANSECT)` -+ $(INSTALL) $(INSTALLMAN) lha.n $(DESTDIR)$(MANDIR)/man$(MANSECT)/lha.$(MANSECT) - - clean: - rm -f *~ ---- src/Makefile -+++ src/Makefile -@@ -49,4 +49,5 @@ - rm -f core *.o lha.tar lha.tar.Z *~ \#* *.orig - - install: -+ mkdir -p `dirname $(DESTDIR)$(BINDIR)/lha` -+ $(INSTALL) $(INSTALLBIN) lha $(DESTDIR)$(BINDIR)/lha -- $(INSTALL) $(INSTALLBIN) lha $(BINDIR)/lha diff --git a/app-arch/lha/files/lha-114i-detect-cmd-extract-fail.patch b/app-arch/lha/files/lha-114i-detect-cmd-extract-fail.patch deleted file mode 100644 index 72373162a510..000000000000 --- a/app-arch/lha/files/lha-114i-detect-cmd-extract-fail.patch +++ /dev/null @@ -1,150 +0,0 @@ -Make sure that a corrupt archive file will return failure when we try -and extract it - -patch by Mike Frysinger <vapier@gentoo.org> - ---- lha-114i/src/lha.h -+++ lha-114i/src/lha.h -@@ -231,5 +231,6 @@ - extern long copyfile(); - --extern void cmd_list(), cmd_extract(), cmd_add(), cmd_delete(); -+extern void cmd_list(), cmd_add(), cmd_delete(); -+extern int cmd_extract(); - - extern boolean ignore_directory; ---- lha-114i/src/lharc.c -+++ lha-114i/src/lharc.c -@@ -431,5 +431,5 @@ - switch (cmd) { - case CMD_EXTRACT: -- cmd_extract(); -+ return cmd_extract(); - break; - case CMD_ADD: ---- lha-114i/src/lhext.c -+++ lha-114i/src/lhext.c -@@ -175,5 +175,5 @@ - - /* ------------------------------------------------------------------------ */ --static void -+static int - extract_one(afp, hdr) - FILE *afp; /* archive file */ -@@ -226,5 +226,5 @@ - if (methods[method] == NULL) { - error("Unknown method skiped ...", name); -- return; -+ return 1; - } - if (bcmp(hdr->method, methods[method], 5) == 0) -@@ -255,5 +255,5 @@ - fgetc(afp); - } -- return; -+ return 0; - } - -@@ -279,5 +279,5 @@ - up_flag = inquire_extract(name); - if (up_flag == FALSE && force == FALSE) { -- return; -+ return 0; - } - } -@@ -288,5 +288,5 @@ - if (quiet != TRUE) - printf("%s : Skipped...\n", name); -- return; -+ return 0; - } - } -@@ -298,5 +298,5 @@ - fgetc(afp); - } -- return; -+ return 0; - } - -@@ -318,10 +318,12 @@ - - if (!fp) -- return; -+ return 0; - } - - errno = 0; -- if (hdr->has_crc && crc != hdr->crc) -+ if (hdr->has_crc && crc != hdr->crc) { - error("CRC error", name); -+ return 1; -+ } - } - else if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_DIRECTORY -@@ -333,5 +335,5 @@ - if (quiet != TRUE) - printf("EXTRACT %s (directory)\n", name); -- return; -+ return 0; - } - /* NAME has trailing SLASH '/', (^_^) */ -@@ -348,5 +350,5 @@ - up_flag = inquire_extract(name); - if (up_flag == FALSE && force == FALSE) { -- return; -+ return 0; - } - } else { -@@ -355,5 +357,5 @@ - if (quiet != TRUE) - printf("%s : Skipped...\n", bb1); -- return; -+ return 0; - } - } -@@ -375,9 +377,9 @@ - sprintf(buf, sizeof(buf), "%s -> %s", bb1, bb2); - warning("Can't make Symbolic Link", buf); -- return; -+ return 0; - #endif - } else { /* make directory */ - if (!output_to_stdout && !make_parent_path(name)) -- return; -+ return 0; - } - } -@@ -389,4 +391,6 @@ - if (!output_to_stdout) - adjust_info(name, hdr); -+ -+ return 0; - } - -@@ -394,5 +398,5 @@ - /* EXTRACT COMMAND MAIN */ - /* ------------------------------------------------------------------------ */ --void -+int - cmd_extract() - { -@@ -400,4 +404,5 @@ - long pos; - FILE *afp; -+ int ret = 0; - - /* open archive file */ -@@ -412,5 +417,5 @@ - if (need_file(hdr.name)) { - pos = ftell(afp); -- extract_one(afp, &hdr); -+ ret += extract_one(afp, &hdr); - fseek(afp, pos + hdr.packed_size, SEEK_SET); - } else { -@@ -428,5 +433,5 @@ - fclose(afp); - -- return; -+ return ret; - } - diff --git a/app-arch/lha/files/lha-114i-dir_length_bounds_check.patch b/app-arch/lha/files/lha-114i-dir_length_bounds_check.patch deleted file mode 100644 index 78543673b982..000000000000 --- a/app-arch/lha/files/lha-114i-dir_length_bounds_check.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- lha-114i/src/header.c -+++ lha-114i/src/header.c -@@ -648,8 +648,17 @@ - } - - if (dir_length) { -+ if ((dir_length + name_length) > sizeof(dirname)) { -+ fprintf(stderr, "Insufficient buffer size\n"); -+ exit(112); -+ } - strcat(dirname, hdr->name); -- strcpy(hdr->name, dirname); -+ -+ if ((dir_length + name_length) > sizeof(hdr->name)) { -+ fprintf(stderr, "Insufficient buffer size\n"); -+ exit(112); -+ } -+ strncpy(hdr->name, dirname, sizeof(hdr->name)); - name_length += dir_length; - } diff --git a/app-arch/lha/files/lha-114i-malloc.patch b/app-arch/lha/files/lha-114i-malloc.patch deleted file mode 100644 index 2a2a0daf045c..000000000000 --- a/app-arch/lha/files/lha-114i-malloc.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- lha-114i/src/lha.h -+++ lha-114i/src/lha.h -@@ -16,6 +16,7 @@ - #include <sys/types.h> - #include <sys/file.h> - #include <sys/stat.h> -+#include <stdlib.h> - - #include <signal.h> - diff --git a/app-arch/lha/files/lha-114i-sec.patch b/app-arch/lha/files/lha-114i-sec.patch deleted file mode 100644 index 3f4dca7993d6..000000000000 --- a/app-arch/lha/files/lha-114i-sec.patch +++ /dev/null @@ -1,75 +0,0 @@ ---- lha-114i/src/header.c -+++ lha-114i/src/header.c -@@ -538,6 +538,10 @@ - /* - * filename - */ -+ if (header_size >= 256) { -+ fprintf(stderr, "Possible buffer overflow hack attack, type #1\n"); -+ exit(109); -+ } - for (i = 0; i < header_size - 3; i++) - hdr->name[i] = (char) get_byte(); - hdr->name[header_size - 3] = '\0'; -@@ -547,6 +551,10 @@ - /* - * directory - */ -+ if (header_size >= FILENAME_LENGTH) { -+ fprintf(stderr, "Possible buffer overflow hack attack, type #2\n"); -+ exit(110); -+ } - for (i = 0; i < header_size - 3; i++) - dirname[i] = (char) get_byte(); - dirname[header_size - 3] = '\0'; ---- lha-114i/src/lhext.c -+++ lha-114i/src/lhext.c -@@ -190,8 +190,13 @@ - q = (char *) rindex(hdr->name, '/') + 1; - } - else { -+ if (is_directory_traversal(q)) { -+ fprintf(stderr, "Possible directory traversal hack attempt in %s\n", q); -+ exit(111); -+ } -+ - if (*q == '/') { -- q++; -+ while (*q == '/') { q++; } - /* - * if OSK then strip device name - */ -@@ -419,6 +424,33 @@ - return; - } - -+int -+is_directory_traversal(char *string) -+{ -+ unsigned int type = 0; /* 0 = new, 1 = only dots, 2 = other chars than dots */ -+ char *temp; -+ -+ temp = string; -+ -+ while (*temp != 0) { -+ if (temp[0] == '/') { -+ if (type == 1) { return 1; } -+ type = 0; -+ temp++; -+ continue; -+ } -+ -+ if ((temp[0] == '.') && (type < 2)) -+ type = 1; -+ if (temp[0] != '.') -+ type = 2; -+ -+ temp++; -+ } /* while */ -+ -+ return (type == 1); -+} -+ - /* Local Variables: */ - /* mode:c */ - /* tab-width:4 */ diff --git a/app-arch/lha/files/lha-114i-sec2.patch b/app-arch/lha/files/lha-114i-sec2.patch deleted file mode 100644 index 897389def8d2..000000000000 --- a/app-arch/lha/files/lha-114i-sec2.patch +++ /dev/null @@ -1,191 +0,0 @@ ---- lha-114i/src/lha_macro.h -+++ lha-114i/src/lha_macro.h -@@ -53,7 +53,7 @@ - #define SEEK_SET 0 - #define SEEK_CUR 1 - #define SEEK_END 2 --#endif /* SEEK_SET -+#endif /* SEEK_SET */ - - - /* non-integral functions */ ---- lha-114i/src/lharc.c -+++ lha-114i/src/lharc.c -@@ -830,9 +830,10 @@ find_files(name, v_filec, v_filev) - DIRENTRY *dp; - struct stat tmp_stbuf, arc_stbuf, fil_stbuf; - -- strcpy(newname, name); -+ strncpy(newname, name, sizeof(newname)); -+ newname[sizeof(newname)-1] = 0; - len = strlen(name); -- if (len > 0 && newname[len - 1] != '/') -+ if (len > 0 && newname[len - 1] != '/' && len < (sizeof(newname)-1)) - newname[len++] = '/'; - - dirp = opendir(name); -@@ -846,6 +847,11 @@ find_files(name, v_filec, v_filev) - - for (dp = readdir(dirp); dp != NULL; dp = readdir(dirp)) { - n = NAMLEN(dp); -+ if (len >= (sizeof(newname)-1) || -+ (len+n) >= (sizeof(newname)-1) || -+ n <= 0 || -+ (len+n) <= 0) -+ break; - strncpy(newname + len, dp->d_name, n); - newname[len + n] = '\0'; - if (GETSTAT(newname, &fil_stbuf) < 0) -@@ -903,7 +909,8 @@ build_temporary_name() - strcpy(temporary_name, TMP_FILENAME_TEMPLATE); - } - else { -- sprintf(temporary_name, "%s/lhXXXXXX", extract_directory); -+ snprintf(temporary_name, sizeof(temporary_name), -+ "%s/lhXXXXXX", extract_directory); - } - #ifdef MKSTEMP - mkstemp(temporary_name); -@@ -913,10 +920,16 @@ build_temporary_name() - #else - char *p, *s; - -- strcpy(temporary_name, archive_name); -+ strncpy(temporary_name, archive_name, sizeof(temporary_name)); -+ temporary_name[sizeof(temporary_name)-1] = 0; - for (p = temporary_name, s = (char *) 0; *p; p++) - if (*p == '/') - s = p; -+ -+ if( sizeof(temporary_name) - ((size_t) (s-temporary_name)) - 1 -+ <= strlen("lhXXXXXX")) -+ exit(-1); -+ - strcpy((s ? s + 1 : temporary_name), "lhXXXXXX"); - #ifdef MKSTEMP - mkstemp(temporary_name); -@@ -1052,7 +1065,8 @@ open_old_archive() - - if (open_old_archive_1(archive_name, &fp)) - return fp; -- sprintf(expanded_archive_name, "%s.lzh", archive_name); -+ snprintf(expanded_archive_name, sizeof(expanded_archive_name), -+ "%s.lzh", archive_name); - if (open_old_archive_1(expanded_archive_name, &fp)) { - archive_name = expanded_archive_name; - return fp; -@@ -1061,7 +1075,8 @@ open_old_archive() - * if ( (errno&0xffff)!=E_PNNF ) { archive_name = - * expanded_archive_name; return NULL; } - */ -- sprintf(expanded_archive_name, "%s.lzs", archive_name); -+ snprintf(expanded_archive_name, sizeof(expanded_archive_name), -+ "%s.lzs", archive_name); - if (open_old_archive_1(expanded_archive_name, &fp)) { - archive_name = expanded_archive_name; - return fp; ---- lha-114i/src/lhext.c -+++ lha-114i/src/lhext.c -@@ -82,7 +82,8 @@ make_parent_path(name) - register char *p; - - /* make parent directory name into PATH for recursive call */ -- strcpy(path, name); -+ memset(path, 0, sizeof(path)); -+ strncpy(path, name, sizeof(path)-1); - for (p = path + strlen(path); p > path; p--) - if (p[-1] == '/') { - *--p = '\0'; -@@ -212,9 +213,11 @@ extract_one(afp, hdr) - } - - if (extract_directory) -- sprintf(name, "%s/%s", extract_directory, q); -- else -- strcpy(name, q); -+ snprintf(name, sizeof(name), "%s/%s", extract_directory, q); -+ else { -+ strncpy(name, q, sizeof(name)); -+ name[sizeof(name) - 1] = '\0'; -+ } - - - /* LZHDIRS_METHOD�����ĥإå��������å����� */ -@@ -335,7 +338,8 @@ extract_one(afp, hdr) - if ((hdr->unix_mode & UNIX_FILE_TYPEMASK) == UNIX_FILE_SYMLINK) { - char buf[256], *bb1, *bb2; - int l_code; -- strcpy(buf, name); -+ strncpy(buf, name, sizeof(buf)); -+ buf[sizeof(buf)-1] = 0; - bb1 = strtok(buf, "|"); - bb2 = strtok(NULL, "|"); - -@@ -365,9 +369,10 @@ extract_one(afp, hdr) - if (quiet != TRUE) { - printf("Symbolic Link %s -> %s\n", bb1, bb2); - } -- strcpy(name, bb1); /* Symbolic's name set */ -+ strncpy(name, bb1, 255); /* Symbolic's name set */ -+ name[255] = 0; - #else -- sprintf(buf, "%s -> %s", bb1, bb2); -+ sprintf(buf, sizeof(buf), "%s -> %s", bb1, bb2); - warning("Can't make Symbolic Link", buf); - return; - #endif ---- lha-114i/src/lhlist.c -+++ lha-114i/src/lhlist.c -@@ -250,7 +250,8 @@ list_one(hdr) - printf(" %s", hdr->name); - else { - char buf[256], *b1, *b2; -- strcpy(buf, hdr->name); -+ strncpy(buf, hdr->name, sizeof(buf)); -+ buf[sizeof(buf)-1] = 0; - b1 = strtok(buf, "|"); - b2 = strtok(NULL, "|"); - printf(" %s -> %s", b1, b2); ---- lha-114i/src/util.c -+++ lha-114i/src/util.c -@@ -276,21 +276,27 @@ rmdir(path) - char *path; - { - int stat, rtn = 0; -- char *cmdname; -- if ((cmdname = (char *) malloc(strlen(RMDIRPATH) + 1 + strlen(path) + 1)) -- == 0) -+ pid_t child; -+ -+ -+ /* XXX thomas: shell meta chars in path could exec commands */ -+ /* therefore we should avoid using system() */ -+ if ((child = fork()) < 0) -+ return (-1); /* fork error */ -+ else if (child) { /* parent process */ -+ while (child != wait(&stat)) /* ignore signals */ -+ continue; -+ } -+ else { /* child process */ -+ execl(RMDIRPATH, "rmdir", path, (char *) 0); -+ /* never come here except execl is error */ - return (-1); -- strcpy(cmdname, RMDIRPATH); -- *(cmdname + strlen(RMDIRPATH)) = ' '; -- strcpy(cmdname + strlen(RMDIRPATH) + 1, path); -- if ((stat = system(cmdname)) < 0) -- rtn = -1; /* fork or exec error */ -- else if (stat) { /* RMDIR command error */ -- errno = EIO; -- rtn = -1; - } -- free(cmdname); -- return (rtn); -+ if (stat != 0) { -+ errno = EIO; /* cannot get error num. */ -+ return (-1); -+ } -+ return (0); - } - - /* ------------------------------------------------------------------------ */ diff --git a/app-arch/lha/files/lha-114i-symlink.patch b/app-arch/lha/files/lha-114i-symlink.patch deleted file mode 100644 index a872fa5548f9..000000000000 --- a/app-arch/lha/files/lha-114i-symlink.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- lha-114i/src/lhext.c -+++ lha-114i/src/lhext.c -@@ -351,6 +351,7 @@ extract_one(afp, hdr) - } - - unlink(bb1); -+ make_parent_path(bb1); - l_code = symlink(bb2, bb1); - if (l_code < 0) { - if (quiet != TRUE) diff --git a/app-arch/lha/lha-114i-r5.ebuild b/app-arch/lha/lha-114i-r5.ebuild deleted file mode 100644 index 29f38f781d9d..000000000000 --- a/app-arch/lha/lha-114i-r5.ebuild +++ /dev/null @@ -1,39 +0,0 @@ -# Copyright 1999-2006 Gentoo Foundation -# Distributed under the terms of the GNU General Public License v2 -# $Header: /var/cvsroot/gentoo-x86/app-arch/lha/lha-114i-r5.ebuild,v 1.3 2006/10/07 19:20:27 flameeyes Exp $ - -inherit eutils flag-o-matic - -DESCRIPTION="Utility for creating and opening lzh archives" -HOMEPAGE="http://www2m.biglobe.ne.jp/~dolphin/lha/lha-unix.htm" -SRC_URI="http://www2m.biglobe.ne.jp/~dolphin/lha/prog/${P}.tar.gz" - -LICENSE="lha" -SLOT="0" -KEYWORDS="alpha amd64 arm hppa ia64 m68k ppc ppc-macos ppc64 s390 sh sparc x86 ~x86-fbsd" -IUSE="" - -DEPEND="" - -src_unpack() { - unpack ${A} - cd "${S}" - epatch "${FILESDIR}"/${P}-malloc.patch - epatch "${FILESDIR}"/${P}-sec.patch - epatch "${FILESDIR}"/${P}-sec2.patch - epatch "${FILESDIR}"/${P}-symlink.patch - epatch "${FILESDIR}"/${P}-dir_length_bounds_check.patch - epatch "${FILESDIR}"/${P}-build.patch - epatch "${FILESDIR}"/${P}-detect-cmd-extract-fail.patch -} - -src_compile() { - use ppc-macos && append-flags -DHAVE_NO_LCHOWN - emake || die -} - -src_install() { - make install DESTDIR="${D}" || die - use linguas_jp || rm -r "${D}"/usr/share/man - dodoc *.txt *.euc *.eng -} |