pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/archivers/unzip Add patch to fix the security problem ...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2ddeb81f251a
branches: trunk
changeset: 497792:2ddeb81f251a
user: tron <tron%pkgsrc.org@localhost>
date: Thu Aug 04 14:20:35 2005 +0000
description:
Add patch to fix the security problem described in SA16309.
diffstat:
archivers/unzip/Makefile | 4 +-
archivers/unzip/distinfo | 9 +++--
archivers/unzip/patches/patch-ac | 64 ++++++++++++++++++++++++++++++++++++++++
3 files changed, 71 insertions(+), 6 deletions(-)
diffs (98 lines):
diff -r 71068d8d0484 -r 2ddeb81f251a archivers/unzip/Makefile
--- a/archivers/unzip/Makefile Thu Aug 04 13:29:14 2005 +0000
+++ b/archivers/unzip/Makefile Thu Aug 04 14:20:35 2005 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.55 2005/05/22 20:07:37 jlam Exp $
+# $NetBSD: Makefile,v 1.56 2005/08/04 14:20:35 tron Exp $
DISTNAME= unzip552
PKGNAME= unzip-5.52
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= archivers
MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/
diff -r 71068d8d0484 -r 2ddeb81f251a archivers/unzip/distinfo
--- a/archivers/unzip/distinfo Thu Aug 04 13:29:14 2005 +0000
+++ b/archivers/unzip/distinfo Thu Aug 04 14:20:35 2005 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.13 2005/03/01 07:45:28 salo Exp $
+$NetBSD: distinfo,v 1.14 2005/08/04 14:20:35 tron Exp $
-SHA1 (unzip-5.52nb1/unzip552.tar.gz) = 1831bd59b9e607a69052f83b263384895e2d4a19
-RMD160 (unzip-5.52nb1/unzip552.tar.gz) = b749b0923bc4cceaa6f937aef688e9713a84328c
-Size (unzip-5.52nb1/unzip552.tar.gz) = 1140291 bytes
+SHA1 (unzip-5.52nb2/unzip552.tar.gz) = 1831bd59b9e607a69052f83b263384895e2d4a19
+RMD160 (unzip-5.52nb2/unzip552.tar.gz) = b749b0923bc4cceaa6f937aef688e9713a84328c
+Size (unzip-5.52nb2/unzip552.tar.gz) = 1140291 bytes
SHA1 (patch-aa) = de66b7b5c45904167e8596ce5235d957c2df4d2a
SHA1 (patch-ab) = dd426fdf4b774bd73f4ee46da470ffa3c2cf6513
+SHA1 (patch-ac) = ada9059d9b3384396bbf6437f55fa40f2f6c0c73
diff -r 71068d8d0484 -r 2ddeb81f251a archivers/unzip/patches/patch-ac
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/unzip/patches/patch-ac Thu Aug 04 14:20:35 2005 +0000
@@ -0,0 +1,64 @@
+$NetBSD: patch-ac,v 1.1 2005/08/04 14:20:35 tron Exp $
+
+--- unix/unix.c.orig 2005-02-26 19:43:42.000000000 +0000
++++ unix/unix.c 2005-08-04 15:15:17.000000000 +0100
+@@ -1042,8 +1042,6 @@
+ ush z_uidgid[2];
+ int have_uidgid_flg;
+
+- fclose(G.outfile);
+-
+ /*---------------------------------------------------------------------------
+ If symbolic links are supported, allocate storage for a symlink control
+ structure, put the uncompressed "data" and other required info in it, and
+@@ -1059,6 +1057,8 @@
+ strlen(G.filename);
+ slinkentry *slnk_entry;
+
++ fclose(G.outfile);
++
+ if ((unsigned)slnk_entrysize < ucsize) {
+ Info(slide, 0x201, ((char *)slide,
+ "warning: symbolic link (%s) failed: mem alloc overflow\n",
+@@ -1107,6 +1107,11 @@
+ }
+ #endif /* SYMLINKS */
+
++#ifndef NO_CHMOD
++ if (fchmod(fileno(G.outfile), filtattr(__G__ G.pInfo->file_attr)))
++ perror("chmod (file attributes) error");
++#endif
++
+ #ifdef QLZIP
+ if (G.extra_field) {
+ static void qlfix OF((__GPRO__ uch *ef_ptr, unsigned ef_len));
+@@ -1120,7 +1125,7 @@
+ /* if -X option was specified and we have UID/GID info, restore it */
+ if (have_uidgid_flg) {
+ TTrace((stderr, "close_outfile: restoring Unix UID/GID info\n"));
+- if (chown(G.filename, (uid_t)z_uidgid[0], (gid_t)z_uidgid[1]))
++ if (fchown(fileno(G.outfile), (uid_t)z_uidgid[0], (gid_t)z_uidgid[1]))
+ {
+ if (uO.qflag)
+ Info(slide, 0x201, ((char *)slide,
+@@ -1133,6 +1138,8 @@
+ }
+ }
+
++ fclose(G.outfile);
++
+ /* set the file's access and modification times */
+ if (utime(G.filename, &(zt.t2))) {
+ #ifdef AOS_VS
+@@ -1156,11 +1163,6 @@
+ zipfile.
+ ---------------------------------------------------------------------------*/
+
+-#ifndef NO_CHMOD
+- if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr)))
+- perror("chmod (file attributes) error");
+-#endif
+-
+ } /* end function close_outfile() */
+
+ #endif /* !MTS */
Home |
Main Index |
Thread Index |
Old Index