pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/textproc/groff Fix insecure temporary file handling in...
details: https://anonhg.NetBSD.org/pkgsrc/rev/60074e671d8a
branches: trunk
changeset: 485614:60074e671d8a
user: wiz <wiz%pkgsrc.org@localhost>
date: Fri Dec 17 18:53:54 2004 +0000
description:
Fix insecure temporary file handling in groffer. Bump PKGREVISION.
diffstat:
textproc/groff/Makefile | 4 +-
textproc/groff/distinfo | 3 +-
textproc/groff/patches/patch-ad | 723 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 727 insertions(+), 3 deletions(-)
diffs (truncated from 757 to 300 lines):
diff -r 133befe861d6 -r 60074e671d8a textproc/groff/Makefile
--- a/textproc/groff/Makefile Fri Dec 17 18:39:39 2004 +0000
+++ b/textproc/groff/Makefile Fri Dec 17 18:53:54 2004 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.20 2004/11/13 22:04:53 jlam Exp $
+# $NetBSD: Makefile,v 1.21 2004/12/17 18:53:54 wiz Exp $
#
DISTNAME= groff-1.19.1
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= textproc
MASTER_SITES= ${MASTER_SITE_GNU:=groff/}
diff -r 133befe861d6 -r 60074e671d8a textproc/groff/distinfo
--- a/textproc/groff/distinfo Fri Dec 17 18:39:39 2004 +0000
+++ b/textproc/groff/distinfo Fri Dec 17 18:53:54 2004 +0000
@@ -1,10 +1,11 @@
-$NetBSD: distinfo,v 1.8 2004/08/02 16:14:24 wiz Exp $
+$NetBSD: distinfo,v 1.9 2004/12/17 18:53:55 wiz Exp $
SHA1 (groff-1.19.1.tar.gz) = 82ba1b29b01c36bf41149ce8813cea712e3e6cbf
Size (groff-1.19.1.tar.gz) = 2629152 bytes
SHA1 (patch-aa) = d0d1f387fefbb376eeec8ba824365cab2c1667fd
SHA1 (patch-ab) = 3c50a8b758cf3ad9d31e449864bf07c09b396b92
SHA1 (patch-ac) = 38f75d8261ca39aff8a37771a283c99ad39142bd
+SHA1 (patch-ad) = 3480c6ebf29aa986cffcf9bba705153e5335224d
SHA1 (patch-ae) = 18d553fe99ca6915d42de5f6edf74fc56e2fc650
SHA1 (patch-ba) = cdafeefbde9490d0ed599a118fd34c06afac0f96
SHA1 (patch-bb) = ddd9ef807a09eaaf7b09a3c05be3443945c67379
diff -r 133befe861d6 -r 60074e671d8a textproc/groff/patches/patch-ad
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/textproc/groff/patches/patch-ad Fri Dec 17 18:53:54 2004 +0000
@@ -0,0 +1,723 @@
+$NetBSD: patch-ad,v 1.3 2004/12/17 18:53:55 wiz Exp $
+
+--- contrib/groffer/groffer.sh.orig 2004-05-04 07:03:01.000000000 +0200
++++ contrib/groffer/groffer.sh
+@@ -25,18 +25,21 @@
+ # Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+
+ _PROGRAM_NAME='groffer';
+-_PROGRAM_VERSION='0.9.7';
+-_LAST_UPDATE='30 Apr 2004';
++_PROGRAM_VERSION='0.9.12';
++_LAST_UPDATE='15 November 2004';
+
+
+ ########################################################################
+-# Determine the shell under which to run this script;
+-# if `ash' is available restart the script using `ash';
+-# otherwise just go on.
++# Determine the shell under which to run this script from the command
++# line arguments or $GROFF_OPT; if none is specified, just go on with
++# the starting shell.
+
+-if test "${_groffer_run}" = ''; then
++if test _"${_groffer_run}"_ = __; then
+ # only reached during the first run of the script
+
++ export _groffer_run; # counter for the runs of groffer
++ _groffer_run='first';
++
+ export _PROGRAM_NAME;
+ export _PROGRAM_VERSION;
+ export _LAST_UPDATE;
+@@ -44,9 +47,9 @@ if test "${_groffer_run}" = ''; then
+ export GROFFER_OPT; # option environment for groffer
+ export _GROFFER_SH; # file name of this shell script
+ export _OUTPUT_FILE_NAME; # output generated, see main_set_res..()
+- export _groffer_run; # counter for the runs of groffer
+
+- _groffer_run='first';
++ export _CONFFILES; # configuration files
++ _CONFFILES="/etc/groff/groffer.conf ${HOME}/.groff/groffer.conf";
+
+ case "$0" in
+ *${_PROGRAM_NAME}*)
+@@ -103,18 +106,33 @@ if test "${_groffer_run}" = ''; then
+ #
+ _test_on_shell()
+ {
+- if test "$#" -le 0 || test "$1" = ''; then
++ if test "$#" -le 0 || test _"$1"_ = __; then
+ return 1;
+ fi;
+ # do not quote $1 to allow arguments
+- test "$($1 -c 's=ok; echo -n "$s"' 2>/dev/null)" = 'ok';
++ test _"$($1 -c 's=ok; echo -n "$s"' 2>/dev/null)"_ = _ok_;
+ }
+
+- # do the shell determination
++ # do the shell determination from command line and $GROFFER_OPT
+ _shell="$(_get_opt_shell "$@")";
+- if test "${_shell}" = ''; then
+- _shell='ash';
++
++ if test _"${_shell}"_ = __; then
++ # none found, so look at the `--shell' lines in configuration files
++ export f;
++ for f in ${_CONFFILES}; do
++ if test -f $f; then
++ _all="$(cat $f | sed -n -e '/^--shell[= ] *\([^ ]*\)$/s//\1/p')"
++ for s in ${_all}; do
++ _shell=$s;
++ done;
++ fi;
++ done;
++ unset f;
++ unset s;
++ unset _all;
+ fi;
++
++ # restart the script with the last found $_shell, if it is a shell
+ if _test_on_shell "${_shell}"; then
+ _groffer_run='second';
+ # do not quote $_shell to allow arguments
+@@ -122,26 +140,17 @@ if test "${_groffer_run}" = ''; then
+ exit;
+ fi;
+
+- # clean-up of shell determination
++ _groffer_run='second';
+ unset _shell;
+- unset _GROFFER_SH;
+- unset _groffer_run;
+- _get_opt_shell()
+- {
+- return 0;
+- }
+- _test_on_shell()
+- {
+- return 0;
+- }
+
+ fi; # end of first run
+
+-if test "${_groffer_run}" != 'second';
++if test _"${_groffer_run}"_ != _second_;
+ then
+ echo "$_groffer_run should be 'second' here." >&2
+ exit 1
+ fi;
++
+ unset _groffer_run
+
+
+@@ -241,9 +250,6 @@ return_no="func_pop; return ${_NO}";
+ return_error="func_pop; return ${_ERROR}";
+
+
+-export _CONFFILES;
+-_CONFFILES="/etc/groff/groffer.conf ${HOME}/.groff/groffer.conf";
+-
+ export _DEFAULT_MODES;
+ _DEFAULT_MODES='x,ps,tty';
+ export _DEFAULT_RESOLUTION;
+@@ -328,18 +334,18 @@ _OPTS_GROFFER_LONG_NA="'auto' 'debug' 'd
+
+ _OPTS_GROFFER_LONG_ARG="\
+ 'apropos' 'apropos-data' 'apropos-devel' 'apropos-progs' \
+-'default-modes' 'dvi-viewer' 'extension' 'fg' 'fn' 'font' \
++'default-modes' 'device' 'dvi-viewer' 'extension' 'fg' 'fn' 'font' \
+ 'foreground' 'html-viewer' 'mode' 'pdf-viewer' 'ps-viewer' 'shell' \
+ 'tty-viewer' 'www-viewer' 'x-viewer' 'X-viewer'";
+
+ ##### groffer options inhereted from groff
+
+ _OPTS_GROFF_SHORT_NA="'a' 'b' 'c' 'C' 'e' 'E' 'g' 'G' 'i' 'l' 'N' 'p' \
+-'R' 's' 'S' 't' 'U' 'V' 'z'";
++'R' 's' 'S' 't' 'U' 'z'";
+ _OPTS_GROFF_SHORT_ARG="'d' 'f' 'F' 'I' 'L' 'm' 'M' 'n' 'o' 'P' 'r' \
+ 'w' 'W'";
+-_OPTS_GROFF_LONG_NA="'source'";
+-_OPTS_GROFF_LONG_ARG="'device' 'macro-file'";
++_OPTS_GROFF_LONG_NA="";
++_OPTS_GROFF_LONG_ARG="";
+
+ ##### groffer options inhereted from the X Window toolkit
+
+@@ -467,8 +473,7 @@ export _OPT_WHATIS; # print the one-lin
+ export _OPT_XRM; # specify X resource.
+ export _OPT_Z; # groff option -Z.
+ # _TMP_* temporary files
+-export _TMP_DIR; # groff directory for temporary files
+-export _TMP_DIR_SUB; # groffer directory for temporary files
++export _TMP_DIR; # groffer directory for temporary files
+ export _TMP_CAT; # stores concatenation of everything
+ export _TMP_STDIN; # stores stdin, if any
+
+@@ -490,7 +495,7 @@ test "a" = "a" || exit 1;
+ # Test of `echo' and the `$()' construct.
+ #
+ echo -n '' >/dev/null || exit "${_ERROR}";
+-if test "$(echo -n 'te' && echo -n '' && echo -n 'st')" != "test"; then
++if test _"$(echo -n 'te' && echo -n '' && echo -n 'st')"_ != _test_; then
+ exit "${_ERROR}";
+ fi;
+
+@@ -527,7 +532,6 @@ _HAS_OPTS_POSIX='';
+
+ # _TMP_* temporary files
+ _TMP_DIR='';
+-_TMP_DIR_SUB='';
+ _TMP_CAT='';
+ _TMP_STDIN='';
+
+@@ -631,7 +635,7 @@ reset;
+ #
+ landmark()
+ {
+- if test "${_DEBUG_LM}" = 'yes'; then
++ if test _"${_DEBUG_LM}"_ = _yes_; then
+ echo ">>> $*" >&2;
+ fi;
+ }
+@@ -647,8 +651,7 @@ landmark "1: debugging functions";
+ clean_up()
+ {
+ if test -d "${_TMP_DIR}"; then
+- rm -f "${_TMP_DIR}"/*;
+- rmdir "${_TMP_DIR}";
++ rm -f -r "${_TMP_DIR}";
+ fi;
+ }
+
+@@ -709,7 +712,7 @@ error()
+ ;;
+ *) echo2 'groffer error: wrong number of arguments in error().'; ;;
+ esac;
+- if test "${_DEBUG}" = 'yes'; then
++ if test _"${_DEBUG}"_ = _yes_; then
+ func_stack_dump;
+ fi;
+ clean_up;
+@@ -803,7 +806,7 @@ func_check()
+ error \
+ "${_fname}"'() needs '"${_comp} ${_nargs}"' argument'"${_s}"'.';
+ fi;
+- if test "${_DEBUG}" = 'yes'; then
++ if test _"${_DEBUG}"_ = _yes_; then
+ func_push "${_fname} $*";
+ fi;
+ }
+@@ -822,7 +825,7 @@ func_check()
+ #
+ func_pop()
+ {
+- if test "${_DEBUG}" = 'yes'; then
++ if test _"${_DEBUG}"_ = _yes_; then
+ if test "$#" -ne 0; then
+ error 'func_pop() does not have arguments.';
+ fi;
+@@ -856,7 +859,7 @@ func_pop()
+ func_push()
+ {
+ local _element;
+- if test "${_DEBUG}" = 'yes'; then
++ if test _"${_DEBUG}"_ = _yes_; then
+ if test "$#" -ne 1; then
+ error 'func_push() needs 1 argument.';
+ fi;
+@@ -869,7 +872,7 @@ func_push()
+ _element="$1";
+ ;;
+ esac;
+- if test "${_FUNC_STACK}" = ''; then
++ if test _"${_FUNC_STACK}"_ = __; then
+ _FUNC_STACK="${_element}";
+ else
+ _FUNC_STACK="${_element}!${_FUNC_STACK}";
+@@ -889,7 +892,7 @@ func_stack_dump()
+ case "${_FUNC_STACK}" in
+ *!*)
+ _rest="${_FUNC_STACK}";
+- while test "${_rest}" != ''; do
++ while test _"${_rest}"_ != __; do
+ # get part before the first bang `!'.
+ diag "$(echo -n "${_rest}" | sed -e 's/!.*$//')";
+ # delete part before and including the first bang `!'.
+@@ -934,7 +937,7 @@ fi;
+ # Test of `unset'.
+ #
+ _test='test';
+-if unset _test >/dev/null 2>&1 && test "${_test}" = ''; then
++if unset _test >/dev/null 2>&1 && test _"${_test}"_ = __; then
+ true;
+ else
+ unset()
+@@ -960,7 +963,7 @@ if _t_e_s_t_f_u_n_c_; then
+ else
+ local()
+ {
+- if test "$1" != ''; then
++ if test _"$1"_ != __; then
+ error "overriding global variable \`$1' with local value.";
+ fi;
+ }
+@@ -981,7 +984,7 @@ _t_e_s_t_f_u_n_c_()
+ }
Home |
Main Index |
Thread Index |
Old Index