pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/x11/openmotif Fix vulnerabilities reported in CAN-2004...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/8e298789c589
branches:  trunk
changeset: 485638:8e298789c589
user:      tron <tron%pkgsrc.org@localhost>
date:      Sat Dec 18 00:39:31 2004 +0000

description:
Fix vulnerabilities reported in CAN-2004-0687 and CAN-2004-0688 by
applying a patch based on ICS's patch for OpenMotif 2.2.3.

diffstat:

 x11/openmotif/Makefile         |    6 +-
 x11/openmotif/distinfo         |   11 ++-
 x11/openmotif/patches/patch-ba |   30 +++++++
 x11/openmotif/patches/patch-bb |   13 +++
 x11/openmotif/patches/patch-bc |   36 ++++++++
 x11/openmotif/patches/patch-bd |   13 +++
 x11/openmotif/patches/patch-be |   59 ++++++++++++++
 x11/openmotif/patches/patch-bf |   13 +++
 x11/openmotif/patches/patch-bg |   31 +++++++
 x11/openmotif/patches/patch-bh |  170 +++++++++++++++++++++++++++++++++++++++++
 x11/openmotif/patches/patch-bi |   69 ++++++++++++++++
 11 files changed, 446 insertions(+), 5 deletions(-)

diffs (truncated from 509 to 300 lines):

diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/Makefile
--- a/x11/openmotif/Makefile    Sat Dec 18 00:14:04 2004 +0000
+++ b/x11/openmotif/Makefile    Sat Dec 18 00:39:31 2004 +0000
@@ -1,11 +1,9 @@
-# $NetBSD: Makefile,v 1.29 2004/12/03 15:15:12 wiz Exp $
-# FreeBSD: /c/ncvs/ports/x11-toolkits/open-motif/Makefile,v 1.18 2000/10/09 01:40:02 asami Exp
-# OpenBSD: Makefile,v 1.5 2000/10/23 16:08:12 espie Exp
+# $NetBSD: Makefile,v 1.30 2004/12/18 00:39:31 tron Exp $
 
 PKGVER=                2.1.30
 DISTNAME=      openmotif${PKGVER}
 PKGNAME=       openmotif-${PKGVER}
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    x11
 MOTIF_SITES=   ftp://openmotif.opengroup.org/pub/openmotif/R${PKGVER}/ \
                ftp://ftp.opengroup.org/pub/openmotif/R${PKGVER}/ \
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/distinfo
--- a/x11/openmotif/distinfo    Sat Dec 18 00:14:04 2004 +0000
+++ b/x11/openmotif/distinfo    Sat Dec 18 00:39:31 2004 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2004/08/31 03:10:16 danw Exp $
+$NetBSD: distinfo,v 1.14 2004/12/18 00:39:31 tron Exp $
 
 SHA1 (openmotif/openmotif2.1.30.tar.gz) = 34fc82fdf0e200525864665e179246ef64082dcc
 Size (openmotif/openmotif2.1.30.tar.gz) = 17711487 bytes
@@ -38,3 +38,12 @@
 SHA1 (patch-ax) = de1ee2594e39bec4cab599aa45d4b9d5af80fc7e
 SHA1 (patch-ay) = 38187926dcc27c510880e17ff2d6c35cd5e8393e
 SHA1 (patch-az) = 15f8d029940fc04be246ad7a479f14af6e38af03
+SHA1 (patch-ba) = c8a13cc06db7413ddb0abcc2b6e9781d4b9550ef
+SHA1 (patch-bb) = 1d38da709ee1231323feb0e348be6dafd54d755d
+SHA1 (patch-bc) = 87915f61d20e4defd6ac3a68667528515b6b88a0
+SHA1 (patch-bd) = 8f46473bb0380ce69b2eadc1c65322094d538bf8
+SHA1 (patch-be) = 35a24957def48a2f2771f34ebc53ecf83c827a66
+SHA1 (patch-bf) = 211d84bccf91ed474634658a75af5d8977b052d4
+SHA1 (patch-bg) = 582f455b066bd4f12160d719c885e9d8423632e5
+SHA1 (patch-bh) = 4025190b6200398b54cfa075da8976e96bf7c3ee
+SHA1 (patch-bi) = b11a6493500c3d7dec379a2e73f42d7752f471ba
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-ba
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-ba    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,30 @@
+$NetBSD: patch-ba,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/XpmAttrib.c.orig    2000-04-28 16:05:22.000000000 +0100
++++ lib/Xm/XpmAttrib.c 2004-12-17 23:20:38.000000000 +0000
+@@ -36,7 +36,7 @@
+ #include "XpmI.h"
+ 
+ /* 3.2 backward compatibility code */
+-LFUNC(CreateOldColorTable, int, (XpmColor *ct, int ncolors,
++LFUNC(CreateOldColorTable, int, (XpmColor *ct, unsigned int ncolors,
+                                XpmColor ***oldct));
+ 
+ LFUNC(FreeOldColorTable, void, (XpmColor **colorTable, int ncolors));
+@@ -47,12 +47,15 @@
+ static int
+ CreateOldColorTable(ct, ncolors, oldct)
+     XpmColor *ct;
+-    int ncolors;
++    unsigned int ncolors;
+     XpmColor ***oldct;
+ {
+     XpmColor **colorTable, **color;
+     int a;
+ 
++    if (ncolors >= SIZE_MAX / sizeof(XpmColor *)) 
++      return XpmNoMemory;
++
+     colorTable = (XpmColor **) XpmMalloc(ncolors * sizeof(XpmColor *));
+     if (!colorTable) {
+       *oldct = NULL;
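Review bot: The new early return in CreateOldColorTable (`if (ncolors >= SIZE_MAX / sizeof(XpmColor *)) return XpmNoMemory;`) leaves `*oldct` untouched, whereas the existing allocation-failure path just below sets `*oldct = NULL` before returning. A caller that inspects or frees the table on error would then see whatever the pointer held before the call; adding `*oldct = NULL;` ahead of the new return keeps both failure paths consistent. The FreeOldColorTable prototype still takes `int ncolors` and the local index `a` stays `int`, so the move to `unsigned int` is only partly applied. The function body continues past the end of this hunk.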
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bb
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bb    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-bb,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/XpmCrDatFrI.c.orig  2000-04-28 16:05:22.000000000 +0100
++++ lib/Xm/XpmCrDatFrI.c       2004-12-17 23:20:38.000000000 +0000
+@@ -129,6 +129,8 @@
+      */
+     header_nlines = 1 + image->ncolors;
+     header_size = sizeof(char *) * header_nlines;
++    if (header_size >= SIZE_MAX / sizeof(char *))
++      return (XpmNoMemory);
+     header = (char **) XpmCalloc(header_size, sizeof(char *));
+     if (!header)
+       return (XpmNoMemory);
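Review bot: The added guard tests `header_size` only after `sizeof(char *) * header_nlines` has been computed, so a wrap in that multiplication, or in `1 + image->ncolors` on the line before, is not detected by it. What the check does cover is the second multiplication implied by `XpmCalloc(header_size, sizeof(char *))`. Checking the count first would close the gap: `if (header_nlines <= image->ncolors || header_nlines >= SIZE_MAX / sizeof(char *)) return (XpmNoMemory);` placed before `header_size` is assigned. The declared types of `header_nlines` and `header_size` are outside the hunk, so the exact wrap point should be confirmed against them.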
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bc
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bc    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,36 @@
+$NetBSD: patch-bc,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/XpmI.h.orig 2004-12-17 23:17:51.000000000 +0000
++++ lib/Xm/XpmI.h      2004-12-17 23:21:35.000000000 +0000
+@@ -179,6 +179,18 @@
+               boundCheckingCalloc((long)(nelem),(long) (elsize))
+ #endif
+ 
++#if defined(SCO) || defined(__USLC__)
++#include <stdint.h>   /* For SIZE_MAX */
++#endif
++#include <limits.h>
++#ifndef SIZE_MAX
++# ifdef ULONG_MAX
++#  define SIZE_MAX ULONG_MAX
++# else 
++#  define SIZE_MAX UINT_MAX
++# endif
++#endif
++
+ #define XPMMAXCMTLEN BUFSIZ
+ typedef struct {
+     unsigned int type;
+@@ -276,9 +288,9 @@
+ }      *xpmHashAtom;
+ 
+ typedef struct {
+-    int size;
+-    int limit;
+-    int used;
++    unsigned int size;
++    unsigned int limit;
++    unsigned int used;
+     xpmHashAtom *atomTable;
+ }      xpmHashTable;
+ 
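Review bot: The SIZE_MAX fallback added to XpmI.h silently assumes that `size_t` is at least as wide as `unsigned long`, and nothing in the header records that. `<stdint.h>` is included only for SCO/USLC, so wherever `<limits.h>` does not provide SIZE_MAX, every overflow check in this changeset compares against the substitute; if it is larger than the real limit, the checks become too permissive. Because the checks use the macro only in C expressions, `#define SIZE_MAX ((size_t)-1)` would follow the actual type; failing that, a comment such as `/* fallback: assumes size_t is at least as wide as unsigned long */` should state the assumption. The second hunk makes the xpmHashTable counters unsigned, so signed locals that copy them (for example `int oldSize = size;` in the Xpmhashtab.c patch) deserve the same review.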
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bd
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bd    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-bd,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/XpmWrFFrI.c.orig    2000-04-28 16:05:22.000000000 +0100
++++ lib/Xm/XpmWrFFrI.c 2004-12-17 23:20:38.000000000 +0000
+@@ -239,6 +239,8 @@
+     unsigned int x, y, h;
+ 
+     h = height - 1;
++    if (cpp != 0 && width >= (SIZE_MAX - 3)/cpp) 
++      return XpmNoMemory;    
+     p = buf = (char *) XpmMalloc(width * cpp + 3);
+     if (!buf)
+       return (XpmNoMemory);
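Review bot: The guard `width >= (SIZE_MAX - 3)/cpp` bounds the product by the range of `size_t`, but `width * cpp + 3` in the XpmMalloc argument is evaluated in the operands' own type. If `width` and `cpp` are `unsigned int` like the `x, y, h` locals shown here (their declarations are outside the hunk), then with a 64-bit `size_t` the check can never fire and the 32-bit product can still wrap, producing an undersized buffer. Bounding by the arithmetic type, `if (cpp != 0 && width >= (UINT_MAX - 3) / cpp)`, or casting one operand to `size_t` inside the multiplication, makes the check and the allocation agree.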
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-be
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-be    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,59 @@
+$NetBSD: patch-be,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/Xpmcreate.c.orig    2000-04-28 16:05:21.000000000 +0100
++++ lib/Xm/Xpmcreate.c 2004-12-17 23:28:32.000000000 +0000
+@@ -1,4 +1,5 @@
+ /* $XConsortium: Xpmcreate.c /main/8 1996/09/20 08:15:02 pascale $ */
++/* $XdotOrg: pre-CVS proposed fix for CESA-2004-003 alanc 7/25/2004 $ */
+ /*
+  * Copyright (C) 1989-95 GROUPE BULL
+  *
+@@ -799,6 +800,9 @@
+ 
+     ErrorStatus = XpmSuccess;
+ 
++    if (image->ncolors >= SIZE_MAX / sizeof(Pixel)) 
++      return (XpmNoMemory);
++
+     /* malloc pixels index tables */
+     image_pixels = (Pixel *) XpmMalloc(sizeof(Pixel) * image->ncolors);
+     if (!image_pixels)
+@@ -942,6 +946,8 @@
+       return (XpmNoMemory);
+ 
+ #ifndef FOR_MSW
++     if (height != 0 && (*image_return)->bytes_per_line >= SIZE_MAX / height)
++      return XpmNoMemory;
+     /* now that bytes_per_line must have been set properly alloc data */
+     (*image_return)->data =
+       (char *) XpmMalloc((*image_return)->bytes_per_line * height);
+@@ -1987,6 +1993,9 @@
+       xpmGetCmt(data, &colors_cmt);
+ 
+     /* malloc pixels index tables */
++    if (ncolors >= SIZE_MAX / sizeof(Pixel)) 
++      return XpmNoMemory;
++
+     image_pixels = (Pixel *) XpmMalloc(sizeof(Pixel) * ncolors);
+     if (!image_pixels)
+       RETURN(XpmNoMemory);
+@@ -2200,6 +2209,9 @@
+       {
+           unsigned short colidx[256];
+ 
++          if (ncolors > 256)
++              return (XpmFileInvalid);
++
+           bzero((char *)colidx, 256 * sizeof(short));
+           for (a = 0; a < ncolors; a++)
+               colidx[(unsigned char)colorTable[a].string[0]] = a + 1;
+@@ -2298,6 +2310,9 @@
+           char *s;
+           char buf[BUFSIZ];
+ 
++          if (cpp >= sizeof(buf))
++              return (XpmFileInvalid);
++
+           buf[cpp] = '\0';
+           if (USE_HASHTABLE) {
+               xpmHashAtom *slot;
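Review bot: The check added ahead of the pixel index tables in the hunk at line 1987 exits with a bare `return XpmNoMemory;`, while the allocation failure two lines later uses `RETURN(XpmNoMemory)`. If RETURN is the function's cleanup macro (its definition is outside the hunk), the new path skips that cleanup, and `xpmGetCmt(data, &colors_cmt)` just above may already have allocated a comment; `RETURN(XpmNoMemory);` would match the surrounding code. The same question applies to the `return (XpmFileInvalid);` lines added by the `ncolors > 256` and `cpp >= sizeof(buf)` checks. It also applies to the `bytes_per_line` check, which returns without releasing `*image_return` even though the dereference implies it has already been created.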
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bf
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bf    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,13 @@
+$NetBSD: patch-bf,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/Xpmdata.c.orig      2000-04-28 16:05:21.000000000 +0100
++++ lib/Xm/Xpmdata.c   2004-12-17 23:29:37.000000000 +0000
+@@ -371,7 +371,7 @@
+ {
+     if (!mdata->type)
+       *cmt = NULL;
+-    else if (mdata->CommentLength) {
++    else if (mdata->CommentLength != 0 && mdata->CommentLength < SIZE_MAX - 1) {
+       *cmt = (char *) XpmMalloc(mdata->CommentLength + 1);
+       strncpy(*cmt, mdata->Comment, mdata->CommentLength);
+       (*cmt)[mdata->CommentLength] = '\0';
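Review bot: The result of `XpmMalloc(mdata->CommentLength + 1)` is still passed to `strncpy` without a NULL check, so the tightened condition does not cover allocation failure for a large comment length. A guard such as `if (*cmt == NULL) return XpmNoMemory;` directly after the allocation would handle it, assuming the function returns an Xpm status code (its signature is outside the hunk). The source buffer is worth bounding as well: XpmI.h defines `XPMMAXCMTLEN` as `BUFSIZ`, and if `mdata->Comment` has that size, comparing `CommentLength` against it is a tighter limit than `SIZE_MAX - 1`.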
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bg
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bg    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,31 @@
+$NetBSD: patch-bg,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/Xpmhashtab.c.orig   2000-04-28 16:05:22.000000000 +0100
++++ lib/Xm/Xpmhashtab.c        2004-12-17 23:21:35.000000000 +0000
+@@ -136,7 +136,7 @@
+     xpmHashTable *table;
+ {
+     xpmHashAtom *atomTable = table->atomTable;
+-    int size = table->size;
++    unsigned int size = table->size;
+     xpmHashAtom *t, *p;
+     int i;
+     int oldSize = size;
+@@ -145,6 +145,8 @@
+     HASH_TABLE_GROWS
+       table->size = size;
+     table->limit = size / 3;
++    if (size >= SIZE_MAX / sizeof(*atomTable)) 
++      return (XpmNoMemory);
+     atomTable = (xpmHashAtom *) XpmMalloc(size * sizeof(*atomTable));
+     if (!atomTable)
+       return (XpmNoMemory);
+@@ -205,6 +207,8 @@
+     table->size = INITIAL_HASH_SIZE;
+     table->limit = table->size / 3;
+     table->used = 0;
++    if (table->size >= SIZE_MAX / sizeof(*atomTable))
++      return (XpmNoMemory);
+     atomTable = (xpmHashAtom *) XpmMalloc(table->size * sizeof(*atomTable));
+     if (!atomTable)
+       return (XpmNoMemory);
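Review bot: In the grow path the new overflow check sits after `table->size = size;` and `table->limit = size / 3;`, so when it returns XpmNoMemory the table already advertises the enlarged size while `table->atomTable` still points at the old, smaller array. The pre-existing `!atomTable` failure path has the same shape, but the new return adds another way to reach it; moving the check (and ideally the allocation) ahead of the two assignments keeps the table consistent on failure. `int oldSize = size;` and `int i;` remain signed although `size` is now `unsigned int`. The check added in the second hunk compares the constant INITIAL_HASH_SIZE and reads as defensive only. Both function bodies extend beyond the hunks.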
diff -r f00ac36bc861 -r 8e298789c589 x11/openmotif/patches/patch-bh
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/x11/openmotif/patches/patch-bh    Sat Dec 18 00:39:31 2004 +0000
@@ -0,0 +1,170 @@
+$NetBSD: patch-bh,v 1.1 2004/12/18 00:39:31 tron Exp $
+
+--- lib/Xm/Xpmparse.c.orig     2000-04-28 16:05:21.000000000 +0100
++++ lib/Xm/Xpmparse.c  2004-12-18 00:31:35.000000000 +0000
+@@ -42,6 +42,15 @@
+ #include "XpmI.h"
+ #include <ctype.h>
+ 
++#define STRLCAT(dst, src, dstsize) { \
++      if ((strlen(dst) + strlen(src)) < (dstsize)) \
++          strcat(dst, src); \
++      else return (XpmFileInvalid); }
++#define STRLCPY(dst, src, dstsize) { \
++      if (strlen(src) < (dstsize)) \
++          strcpy(dst, src); \
++      else return (XpmFileInvalid); }
++
+ LFUNC(ParsePixels, int, (xpmData *data, unsigned int width,
+                        unsigned int height, unsigned int ncolors,
+                        unsigned int cpp, XpmColor *colorTable,
+@@ -209,7 +218,7 @@
+     unsigned int *extensions;
+ {
+     unsigned int l;
+-    char buf[BUFSIZ];
++    char buf[BUFSIZ+1];
+ 
+     if (!data->format) {              /* XPM 2 or 3 */
+ 
+@@ -318,10 +327,10 @@
+     XpmColor **colorTablePtr;
+     xpmHashTable *hashtable;
+ {
+-    unsigned int key, l, a, b;


