Add a patch to prevent possible buffer overflow by using strcpy()

in zzip_open_shared_io(), it was reported as CVE-2007-1614. Bump PKGREVISION.
author: taca <taca@pkgsrc.org> 2007-05-06 00:28:57 +0000
committer: taca <taca@pkgsrc.org> 2007-05-06 00:28:57 +0000
commit: 179121e598ae7b9f62c63e7035209002b085ff85 (patch)
tree: 3a94c7b53e987355928390d975371db7ed5efcc0 /archivers/zziplib/patches
parent: 14e74f1ccdafa1f7db3fecf6309c42b8aec49c7d (diff)
download: pkgsrc-179121e598ae7b9f62c63e7035209002b085ff85.tar.gz
1 files changed, 15 insertions, 0 deletions
diff --git a/archivers/zziplib/patches/patch-ab b/archivers/zziplib/patches/patch-ab
new file mode 100644
index 00000000000..c9628bf3bfa
--- /dev/null
+++ b/archivers/zziplib/patches/patch-ab
@@ -0,0 +1,15 @@
+$NetBSD: patch-ab,v 1.1 2007/05/06 00:28:57 taca Exp $
+
+--- zzip/file.c.orig	2003-07-29 04:52:49.000000000 +0900
++++ zzip/file.c
+@@ -708,7 +708,9 @@ zzip_open_shared_io (ZZIP_FILE* stream,
+     /* see if we can open a file that is a zip file */
+     { char basename[PATH_MAX];
+       char* p;
+-      strcpy (basename, filename);
++      int filename_len = strlen (filename);
++      if (filename_len >= PATH_MAX) { errno = ENAMETOOLONG; return 0; }
++      memcpy (basename, filename, filename_len+1);
+ 
+       /* see if we can share the same zip directory */
+       if (stream && stream->dir && stream->dir->realname)
author	taca <taca@pkgsrc.org>	2007-05-06 00:28:57 +0000
committer	taca <taca@pkgsrc.org>	2007-05-06 00:28:57 +0000
commit	179121e598ae7b9f62c63e7035209002b085ff85 (patch)
tree	3a94c7b53e987355928390d975371db7ed5efcc0 /archivers/zziplib/patches
parent	14e74f1ccdafa1f7db3fecf6309c42b8aec49c7d (diff)
download	pkgsrc-179121e598ae7b9f62c63e7035209002b085ff85.tar.gz