pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/pkgsrc-2005Q1]: pkgsrc/archivers/gsharutils Pullup ticket 407 - reque...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/ecc4e75f65e0
branches:  pkgsrc-2005Q1
changeset: 490892:ecc4e75f65e0
user:      snj <snj%pkgsrc.org@localhost>
date:      Fri Apr 01 05:03:52 2005 +0000

description:
Pullup ticket 407 - requested by Lubomir Sedlacik
security fix for gsharutils

Revisions pulled up:
- pkgsrc/archivers/gsharutils/Makefile          1.25
- pkgsrc/archivers/gsharutils/distinfo          1.11, 1.12
- pkgsrc/archivers/gsharutils/patches/patch-ac  1.3
- pkgsrc/archivers/gsharutils/patches/patch-ah  1.5
- pkgsrc/archivers/gsharutils/patches/patch-ai  1.3
- pkgsrc/archivers/gsharutils/patches/patch-aj  1.4, 1.5


    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu Mar 31 14:17:05 UTC 2005

    Modified Files:
            pkgsrc/archivers/gsharutils: Makefile distinfo
            pkgsrc/archivers/gsharutils/patches: patch-ac
    Added Files:
            pkgsrc/archivers/gsharutils/patches: patch-ah patch-ai patch-aj

    Log Message:
    Securitu fix for CAN-2004-1773:

    "Multiple buffer overflows in sharutils 4.2.1 and earlier may allow
    attackers to execute arbitrary code via long output from wc to shar,
    or unknown vectors in unshar."

    Patch from SuSE/Gentoo. Also add more sanity checking patches from
    the latter.
----
    Module Name:    pkgsrc
    Committed By:   salo
    Date:           Thu Mar 31 14:41:48 UTC 2005

    Modified Files:
            pkgsrc/archivers/gsharutils: distinfo
            pkgsrc/archivers/gsharutils/patches: patch-aj

    Log Message:
    Fix mktemp usage.

diffstat:

 archivers/gsharutils/Makefile         |   12 ++-
 archivers/gsharutils/distinfo         |    7 +-
 archivers/gsharutils/patches/patch-ac |  119 ++++++++++++++++++++++++++++++++-
 archivers/gsharutils/patches/patch-ah |   36 ++++++++++
 archivers/gsharutils/patches/patch-ai |   46 +++++++++++++
 archivers/gsharutils/patches/patch-aj |   17 ++++
 6 files changed, 227 insertions(+), 10 deletions(-)

diffs (300 lines):

diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/Makefile
--- a/archivers/gsharutils/Makefile     Thu Mar 31 15:10:58 2005 +0000
+++ b/archivers/gsharutils/Makefile     Fri Apr 01 05:03:52 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.24 2005/02/26 04:42:50 tv Exp $
+# $NetBSD: Makefile,v 1.24.2.1 2005/04/01 05:03:52 snj Exp $
 
 DISTNAME=      sharutils-4.2.1
 PKGNAME=       g${DISTNAME}
-PKGREVISION=   4
+PKGREVISION=   5
 CATEGORIES=    archivers
 MASTER_SITES=  ${MASTER_SITE_GNU:=sharutils/}
 
@@ -10,9 +10,9 @@
 HOMEPAGE=      http://www.gnu.org/software/sharutils/sharutils.html
 COMMENT=       Allow packing and unpacking of shell archives
 
-PKG_INSTALLATION_TYPES=        overwrite pkgviews
+BUILD_USES_MSGFMT=     yes
 
-BUILD_USES_MSGFMT=     yes
+PKG_INSTALLATION_TYPES=        overwrite pkgviews
 
 USE_BUILDLINK3=                yes
 USE_PKGLOCALEDIR=      yes
@@ -26,6 +26,10 @@
 
 .include "../../mk/bsd.prefs.mk"
 
+.if empty(OPSYS:M*BSD)
+DEPENDS+=              mktemp>=1.5:../../sysutils/mktemp
+.endif
+
 # gettext 0.11+ has renamed internal symbols, and gsharutils is
 # being a very bad neighbor by using them directly.  To fix, force
 # use of gettext >= 0.11, and rename the symbol in gsharutils.  -tv
diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/distinfo
--- a/archivers/gsharutils/distinfo     Thu Mar 31 15:10:58 2005 +0000
+++ b/archivers/gsharutils/distinfo     Fri Apr 01 05:03:52 2005 +0000
@@ -1,12 +1,15 @@
-$NetBSD: distinfo,v 1.10 2005/02/23 14:45:23 agc Exp $
+$NetBSD: distinfo,v 1.10.2.1 2005/04/01 05:03:52 snj Exp $
 
 SHA1 (sharutils-4.2.1.tar.gz) = 3f0c0af31bd429cee1e088eb74867f20f8d399ef
 RMD160 (sharutils-4.2.1.tar.gz) = 06e1629aa8a1c982e6032f194df6f5fe85f85b43
 Size (sharutils-4.2.1.tar.gz) = 306022 bytes
 SHA1 (patch-aa) = 654641dee00efc19771546cf1753d1025c18d9be
 SHA1 (patch-ab) = cc46cfb2ff26861f9c3cd482a31a5c59226a1899
-SHA1 (patch-ac) = 76bf1dedc34a462dd05a55511d9caf578cae78d0
+SHA1 (patch-ac) = 2fbf90458b0a81082db6b1bd343efb5f2062a947
 SHA1 (patch-ad) = fe6ba534c9830294c97dd37586aaa2c63d385a4c
 SHA1 (patch-ae) = 8b88d98af2d1f24ba2623e8d56b36061806f5e12
 SHA1 (patch-af) = 50aee8dc24a33892a0f17f7aeb5cfbae1adcb0c9
 SHA1 (patch-ag) = af78d21124b33f0d8bdc27969119222e4d79008e
+SHA1 (patch-ah) = 1540064ef3a21a4486950ca24432f471bf1366a9
+SHA1 (patch-ai) = a95e116d517e5fe536a31d12db1c33daaf2609af
+SHA1 (patch-aj) = 56ee560455a206c6fa5c106f1c759d0a0296dfd7
diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/patches/patch-ac
--- a/archivers/gsharutils/patches/patch-ac     Thu Mar 31 15:10:58 2005 +0000
+++ b/archivers/gsharutils/patches/patch-ac     Fri Apr 01 05:03:52 2005 +0000
@@ -1,8 +1,24 @@
-$NetBSD: patch-ac,v 1.2 1999/05/23 20:33:46 tv Exp $
+$NetBSD: patch-ac,v 1.2.20.1 2005/04/01 05:03:52 snj Exp $
 
---- src/shar.c.orig    Sun Jun  8 22:47:22 1997
-+++ src/shar.c Sun Jun  8 22:47:37 1997
-@@ -688,7 +688,7 @@
+--- src/shar.c.orig    1999-09-10 21:20:41.000000000 +0200
++++ src/shar.c 2005-03-31 15:33:03.000000000 +0200
+@@ -211,11 +211,11 @@
+ /* Position for first file in the shar file.  */
+ static long first_file_position;
+ 
+-/* Base for output filename.  FIXME: No fix limit in GNU... */
+-static char output_base_name[50];
++/* Base for output filename.  */
++static char *output_base_name;
+ 
+-/* Actual output filename.  FIXME: No fix limit in GNU... */
+-static char output_filename[50];
++/* Actual output filename.  */
++static char *output_filename;
+ 
+ static char *submitter_address = NULL;
+ 
+@@ -696,7 +696,7 @@
       const char *local_name;
       const char *restore_name;
  {
@@ -11,3 +27,98 @@
           mode_string (struct_stat.st_mode), restore_name);
    return 0;
  }
+@@ -1571,7 +1571,7 @@
+         sprintf (command, "%s '%s'", CHARACTER_COUNT_COMMAND, local_name);
+         if (pfp = popen (command, "r"), pfp)
+           {
+-            char wc[BUFSIZ];
++              char wc[BUFSIZ], tempform[50];      
+             const char *prefix = "";
+ 
+             if (did_md5)
+@@ -1579,8 +1579,8 @@
+                 fputs ("  else\n", output);
+                 prefix = "  ";
+               }
+-
+-            fscanf (pfp, "%s", wc);
++      sprintf (tempform, "%%%ds", BUFSIZ - 1);
++      fscanf (pfp, tempform, wc);
+             fprintf (output, "\
+ %s  shar_count=\"`%s '%s'`\"\n\
+ %s  test %s -eq \"$shar_count\" ||\n\
+@@ -1634,7 +1634,12 @@
+ static void
+ open_output ()
+ {
+-  sprintf (output_filename, output_base_name, ++part_number);
++  size_t l;
++  l = strlen(output_base_name) + 128;
++  if (output_filename)
++    free(output_filename);
++  output_filename = xmalloc(l);
++  snprintf(output_filename, l, output_base_name, ++part_number);
+   output = fopen (output_filename, "w");
+   if (!output)
+     error (EXIT_FAILURE, errno, _("Opening `%s'"), output_filename);
+@@ -1771,6 +1776,42 @@
+   { NULL, 0, NULL, 0 },
+ };
+ 
++
++char *parse_output_base_name(char *arg)
++{
++  int c;
++  int hadarg = 0;
++  char *fmt, *p;
++
++  for (p = arg ; (c = *p++) != 0; )
++    {
++      if (c != '%')
++      continue;
++      c = *p++;
++      if (c == '%')
++      continue;
++      if (hadarg)
++      return 0;
++      while (c != 0 && strchr("#0+- 'I", c) != 0)
++      c = *p++;
++      while (c != 0 && c >= '0' && c <= '9')
++      c = *p++;
++      if (c == '.')
++      c = *p++;
++      while (c != 0 && c >= '0' && c <= '9')
++      c = *p++;
++      if (c == 0 || strchr("diouxX", c) == 0)
++      return 0;
++      hadarg = 1;
++    }
++  fmt = xmalloc(strlen(arg) + (hadarg ? 1 : 6));
++  strcpy(fmt, arg);
++  if (!hadarg)
++    strcat(fmt, ".%02d");
++  return fmt;
++}
++
++
+ /*---.
+ | ?  |
+ `---*/
+@@ -1905,9 +1946,14 @@
+       break;
+ 
+       case 'o':
+-      strcpy (output_base_name, optarg);
+-      if (!strchr (output_base_name, '%'))
+-        strcat (output_base_name, ".%02d");
++      if (output_base_name)
++        free (output_base_name);
++        output_base_name = parse_output_base_name(optarg);
++        if (!output_base_name)
++        {
++          fprintf (stderr, _("illegal output prefix\n"));
++          exit (EXIT_FAILURE);
++        }
+       part_number = 0;
+       open_output ();
+       break;
diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/patches/patch-ah
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/gsharutils/patches/patch-ah     Fri Apr 01 05:03:52 2005 +0000
@@ -0,0 +1,36 @@
+$NetBSD: patch-ah,v 1.4.12.1 2005/04/01 05:03:52 snj Exp $
+
+--- src/unshar.c.orig  1995-11-21 17:22:14.000000000 +0100
++++ src/unshar.c       2005-03-31 15:33:03.000000000 +0200
+@@ -346,8 +346,8 @@
+ {
+   size_t size_read;
+   FILE *file;
+-  char name_buffer[NAME_BUFFER_SIZE];
+-  char copy_buffer[NAME_BUFFER_SIZE];
++  char name_buffer[NAME_BUFFER_SIZE] = {'\0'};
++  char copy_buffer[NAME_BUFFER_SIZE] = {'\0'};
+   int optchar;
+ 
+   program_name = argv[0];
+@@ -409,13 +409,13 @@
+   if (optind < argc)
+     for (; optind < argc; optind++)
+       {
+-      if (argv[optind][0] == '/')
+-        stpcpy (name_buffer, argv[optind]);
+-      else
+-        {
+-          char *cp = stpcpy (name_buffer, current_directory);
+-          *cp++ = '/';
+-          stpcpy (cp, argv[optind]);
++      if (argv[optind][0] == '/') {
++              strncpy (name_buffer, argv[optind], sizeof(name_buffer));
++              name_buffer[sizeof(name_buffer)-1] = '\0';
++      }
++      else {
++              snprintf(name_buffer, sizeof(name_buffer),"%s/%s", current_directory, argv[optind]);
++              name_buffer[sizeof(name_buffer)-1] = '\0';
+         }
+       if (file = fopen (name_buffer, "r"), !file)
+         error (EXIT_FAILURE, errno, name_buffer);
diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/patches/patch-ai
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/gsharutils/patches/patch-ai     Fri Apr 01 05:03:52 2005 +0000
@@ -0,0 +1,46 @@
+$NetBSD: patch-ai,v 1.2.12.1 2005/04/01 05:03:52 snj Exp $
+
+--- src/uudecode.c.orig        1995-12-02 04:14:14.000000000 +0100
++++ src/uudecode.c     2005-03-31 15:51:27.000000000 +0200
+@@ -81,6 +81,9 @@
+ /* Single character decode.  */
+ #define       DEC(Char) (((Char) - ' ') & 077)
+ 
++#if !defined S_ISLNK && defined S_IFLNK
++# define S_ISLNK(m) (((m) & S_IFMT) == S_IFLNK)
++#endif
+ 
+ static int
+ read_stduu (inname)
+@@ -279,6 +282,7 @@
+   char buf[2 * BUFSIZ];
+   char *outname;
+   int do_base64 = 0;
++  struct stat attr;
+ 
+   /* Search for header line.  */
+ 
+@@ -337,6 +341,23 @@
+       }
+     }
+ 
++  /* Check out file if it exists */
++  if (strcmp (outname, "/dev/stdout") != 0 && strcmp (outname, "-") != 0
++      && !access(outname, F_OK)) {
++    if (lstat(outname, &attr) == -1) {
++      error (0, errno, _("cannot access %s"), outname);
++      return 1;
++    }
++    if (S_ISFIFO(attr.st_mode)){
++      error (0, errno, _("denied writing FIFO (%s)"), outname);
++      return 1;
++    }
++    if (S_ISLNK(attr.st_mode)) {
++      error (0, errno, _("not following symlink (%s)"), outname);
++      return 1;
++    }
++  }
++
+   /* Create output file and set mode.  */
+ 
+   if (strcmp (outname, "/dev/stdout") != 0 && strcmp (outname, "-") != 0
diff -r f9c92322fa13 -r ecc4e75f65e0 archivers/gsharutils/patches/patch-aj
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/gsharutils/patches/patch-aj     Fri Apr 01 05:03:52 2005 +0000
@@ -0,0 +1,17 @@
+$NetBSD: patch-aj,v 1.3.12.1 2005/04/01 05:03:52 snj Exp $
+
+--- src/mailshar.in.orig       1995-11-26 00:42:47.000000000 +0100
++++ src/mailshar.in    2005-03-31 15:51:27.000000000 +0200
+@@ -33,7 +33,11 @@
+ If none of -MTBzZ are given, -z is automatically selected if *none*
+ of the FILEs have an .arc, .exz, .gif, .z, .gz, .Z, .zip or .zoo suffix."
+ 
+-temp=/usr/tmp/$$.shar
++temp=`mktemp -q /tmp/${0##*/}.XXXXXX`
++if [ $? -ne 0 ]; then
++    echo "$0: Can't create temp file, exiting..."
++    exit 1
++fi
+ 
+ ### Decode the options.
+ 



Home | Main Index | Thread Index | Old Index