author | spz <spz@pkgsrc.org> | 2016-07-28 12:56:35 +0000 |
---|---|---|
committer | spz <spz@pkgsrc.org> | 2016-07-28 12:56:35 +0000 |
commit | 8c78770f6151672dc94139880b5d3e16b6ec689c (patch) | |
tree | e67de013e34552f6d65c4fa5c29ed2085df7e625 | |
parent | 4f9ef11af03e68406dd1cd4598902f536d919feb (diff) | |
download | pkgsrc-8c78770f6151672dc94139880b5d3e16b6ec689c.tar.gz |
Pullup ticket #5074 - requested by christos
devel/cvsps: security patch
Revisions pulled up:
- devel/cvsps/Makefile 1.27
- devel/cvsps/distinfo 1.14
- devel/cvsps/patches/patch-ag 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: christos
Date: Mon Jul 25 05:10:03 UTC 2016
Modified Files:
pkgsrc/devel/cvsps: Makefile distinfo
pkgsrc/devel/cvsps/patches: patch-ag
Log Message:
Fix buffer overflow on long lines
To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/devel/cvsps/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/cvsps/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/cvsps/patches/patch-ag
-rw-r--r-- | devel/cvsps/Makefile | 4 | ||||
-rw-r--r-- | devel/cvsps/distinfo | 4 | ||||
-rw-r--r-- | devel/cvsps/patches/patch-ag | 92 |
3 files changed, 91 insertions, 9 deletions
diff --git a/devel/cvsps/Makefile b/devel/cvsps/Makefile
index b18c7239b32..f899c9f358a 100644
--- a/devel/cvsps/Makefile
+++ b/devel/cvsps/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.26 2014/10/09 14:06:08 wiz Exp $
+# $NetBSD: Makefile,v 1.26.14.1 2016/07/28 12:56:35 spz Exp $
 #
 DISTNAME= cvsps-2.1
-PKGREVISION= 3
+PKGREVISION= 4
 CATEGORIES= devel scm
 MASTER_SITES= ${HOMEPAGE}
diff --git a/devel/cvsps/distinfo b/devel/cvsps/distinfo
index 43e39f2d088..d17d2a1e1ab 100644
--- a/devel/cvsps/distinfo
+++ b/devel/cvsps/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2015/11/03 03:27:21 agc Exp $
+$NetBSD: distinfo,v 1.13.6.1 2016/07/28 12:56:35 spz Exp $
 SHA1 (cvsps-2.1.tar.gz) = a53a62b121e7b86e07a393bcb8aa4f0492a747c4
 RMD160 (cvsps-2.1.tar.gz) = a3063f638fbf1136761549658432d5842e4a766f
@@ -10,4 +10,4 @@ SHA1 (patch-ac) = 07f6d1955c0fde42784f8891b1136f12fa5dbfa4
 SHA1 (patch-ad) = 20d84dc236a5c259677fdf68268de5bb64e6d26f
 SHA1 (patch-ae) = 345036b4021f90a2f6629a5d32e85caa786d961f
 SHA1 (patch-af) = d32eb67ede1d81ee3abe55a7f94515fcf3ea93cf
-SHA1 (patch-ag) = 38ea212acde5e07aee33413c79f893e311ebb85e
+SHA1 (patch-ag) = c68adbb42938ecb2f42c55bc9be0aa6db3b013f9
diff --git a/devel/cvsps/patches/patch-ag b/devel/cvsps/patches/patch-ag
index abc5dcabf82..c79e1132bca 100644
--- a/devel/cvsps/patches/patch-ag
+++ b/devel/cvsps/patches/patch-ag
@@ -1,14 +1,96 @@
-$NetBSD: patch-ag,v 1.1 2012/06/29 14:59:24 christos Exp $
+$NetBSD: patch-ag,v 1.1.34.1 2016/07/28 12:56:35 spz Exp $
---- cvs_direct.c.orig 2012-06-28 17:52:13.000000000 -0400
-+++ cvs_direct.c 2012-06-28 17:52:51.000000000 -0400
-@@ -916,7 +916,9 @@
+Keep reading for M
+Avoid buffer overflow (truncate).
+
+--- cvs_direct.c.orig 2005-05-25 23:39:40.000000000 -0400
++++ cvs_direct.c 2016-07-25 01:06:39.000000000 -0400
+@@ -45,7 +45,7 @@
+ static void send_string(CvsServerCtx *, const char *, ...);
+ static int read_response(CvsServerCtx *, const char *);
+ static void ctx_to_fp(CvsServerCtx * ctx, FILE * fp);
+-static int read_line(CvsServerCtx * ctx, char * p);
++static int read_line(CvsServerCtx * ctx, char * p, size_t);
+
+ static CvsServerCtx * open_ctx_pserver(CvsServerCtx *, const char *);
+ static CvsServerCtx * open_ctx_forked(CvsServerCtx *, const char *);
+@@ -131,7 +131,7 @@
+ send_string(ctx, "valid-requests\n");
+
+ /* check for the commands we will issue */
+- read_line(ctx, buff);
++ read_line(ctx, buff, sizeof(buff));
+ if (strncmp(buff, "Valid-requests", 14) != 0)
+ {
+ debug(DEBUG_APPERROR, "cvs_direct: bad response to valid-requests command");
+@@ -150,7 +150,7 @@
+ return NULL;
+ }
+
+- read_line(ctx, buff);
++ read_line(ctx, buff, sizeof(buff));
+ if (strcmp(buff, "ok") != 0)
+ {
+ debug(DEBUG_APPERROR, "cvs_direct: bad ok trailer to valid-requests command");
+@@ -661,7 +661,7 @@
+ return len;
+ }
+
+-static int read_line(CvsServerCtx * ctx, char * p)
++static int read_line(CvsServerCtx * ctx, char * p, size_t size)
+ {
+ int len = 0;
+ while (1)
+@@ -672,7 +672,7 @@
+
+ *p = *ctx->head++;
+
+- if (*p == '\n')
++ if (*p == '\n' || len >= size - 1)
+ {
+ *p = 0;
+ break;
+@@ -689,7 +689,7 @@
+ /* FIXME: more than 1 char at a time */
+ char resp[BUFSIZ];
+
+- if (read_line(ctx, resp) < 0)
++ if (read_line(ctx, resp, sizeof(resp)) < 0)
+ return 0;
+
+ debug(DEBUG_TCP, "response '%s' read", resp);
+@@ -703,7 +703,7 @@
+
+ while (1)
+ {
+- read_line(ctx, line);
++ read_line(ctx, line, sizeof(line));
+ debug(DEBUG_TCP, "ctx_to_fp: %s", line);
+ if (memcmp(line, "M ", 2) == 0)
+ {
+@@ -879,7 +879,7 @@
+ char lbuff[BUFSIZ];
+ int len;
+
+- len = read_line(ctx, lbuff);
++ len = read_line(ctx, lbuff, sizeof(lbuff));
+ debug(DEBUG_TCP, "cvs_direct: rlog: read %s", lbuff);
+
+ if (memcmp(lbuff, "M ", 2) == 0)
+@@ -910,13 +910,15 @@
+ char lbuff[BUFSIZ];
+ strcpy(client_version, "Client: Concurrent Versions System (CVS) 99.99.99 (client/server) cvs-direct");
+ send_string(ctx, "version\n");
+- read_line(ctx, lbuff);
++ read_line(ctx, lbuff, sizeof(lbuff));
+ if (memcmp(lbuff, "M ", 2) == 0)
+ sprintf(server_version, "Server: %s", lbuff + 2);
 else
 debug(DEBUG_APPERROR, "cvs_direct: didn't read version: %s", lbuff);
- read_line(ctx, lbuff);
+ do
-+ read_line(ctx, lbuff);
++ read_line(ctx, lbuff, sizeof(lbuff));
+ while(memcmp(lbuff, "M ", 2) == 0);
 if (strcmp(lbuff, "ok") != 0)
 debug(DEBUG_APPERROR, "cvs_direct: protocol error reading version"); |
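Review bot: The new bound in read_line (`if (*p == '\n' || len >= size - 1)`) stops the write at size-1 but breaks out of the loop without consuming the rest of the over-long line, so as far as the visible consume path (`*p = *ctx->head++`) shows, the next read_line call hands back the tail of that same line as if it were a fresh one. Every caller in this patch dispatches on the first bytes of what it receives (`memcmp(line, "M ", 2)`, `memcmp(lbuff, "M ", 2)`, `strcmp(lbuff, "ok")`), so a truncated server line can be followed by a leftover fragment that is misread as a protocol response; draining input up to the newline once the limit is hit, or returning a distinct status so the caller can resynchronise, would close that gap. The comparison also mixes `int len` with `size_t size` and wraps for size == 0; `(size_t)len >= size - 1` behind a `size > 0` guard would make the intent explicit, although every caller here passes sizeof a BUFSIZ array. read_line's loop body and the buffer refill it relies on lie outside these hunks, so the exact behaviour after the break is inferred rather than seen.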