author | wiz <wiz> | 1999-12-23 01:44:03 +0000 |
---|---|---|
committer | wiz <wiz> | 1999-12-23 01:44:03 +0000 |
commit | 3e961fc4066aed3b6b2aeb008bdf2400a488a9bf (patch) | |
tree | 9d39f610fb0fe81fe54d9a441ee8b7093bd8f2e1 /games | |
parent | 0d7806445cdc6e77d5a0c0ca2dc95743f77a5910 (diff) | |
security fix (buffer overflow attack was possible, gaining group games)
see posting by Brock Tellier on Bugtraq 1999-12-15
as discussed on packages@netbsd.org, with comment by Hubert Feyrer
incorporated
Diffstat (limited to 'games')
-rw-r--r-- | games/xsoldier/files/patch-sum | 5 | ||||
-rw-r--r-- | games/xsoldier/patches/patch-ab | 59 | ||||
-rw-r--r-- | games/xsoldier/patches/patch-ac | 12 | ||||
-rw-r--r-- | games/xsoldier/patches/patch-ad | 12 |
4 files changed, 87 insertions, 1 deletions
diff --git a/games/xsoldier/files/patch-sum b/games/xsoldier/files/patch-sum
index 5190fb49448..7a93f3a6b36 100644
--- a/games/xsoldier/files/patch-sum
+++ b/games/xsoldier/files/patch-sum
@@ -1,3 +1,6 @@
-$NetBSD: patch-sum,v 1.1 1999/07/09 13:51:04 agc Exp $
+$NetBSD: patch-sum,v 1.2 1999/12/23 01:44:03 wiz Exp $
 
 MD5 (patch-aa) = e75fdc4bff99d42584c849fddedcd4cd
+MD5 (patch-ab) = f8953cb70b7fd8781d6867e5b957ea73
+MD5 (patch-ac) = 22ee898aecc2079f706e288f2bde6d49
+MD5 (patch-ad) = 653ec785603b0be603214a7be0e07b41
diff --git a/games/xsoldier/patches/patch-ab b/games/xsoldier/patches/patch-ab
new file mode 100644
index 00000000000..2524b32be03
--- /dev/null
+++ b/games/xsoldier/patches/patch-ab
@@ -0,0 +1,59 @@
+$NetBSD: patch-ab,v 1.1 1999/12/23 01:44:03 wiz Exp $
+--- main.c.orig Fri Feb 28 16:50:07 1997
++++ main.c Wed Dec 22 02:32:19 1999
+@@ -49,8 +49,8 @@ static void clean(void);
+ static void sig_handle(void);
+
+ /*** ふぁいるぐろーばる ***/
+-static char command[32];
+-static char display[32] = {'\0'};
++static char *command;
++static char *display = NULL;
+ static int scoreOK = True;
+ static int putscore = False;
+ static int colormap = True;
+@@ -65,7 +65,7 @@ int main(int argc, char *argv[])
+ {
+ int i;
+ printf(" --- top 10 soldiers ---\n");
+- printf("Name Stage Score\n",command);
++ printf("Name Stage Score\n");
+ for (i=1; i<=10; i++)
+ printf("%-20s %02d-%02d %08d\n",
+ player->Rec[i].name,
+@@ -122,21 +122,19 @@ int main(int argc, char *argv[])
+
+ static void arginit(int argc, char *argv[])
+ {
+- char *argv0;
+ int i;
+
+- if ((argv0=strrchr(argv[0],'/')) != NULL)
+- argv0++;
++ if ((command=strrchr(argv[0],'/')) != NULL)
++ command++;
+ else
+- argv0 = argv[0];
+- strcpy(command,argv0); /*** コマンド名取得とコピー ***/
++ command = argv[0];
+
+ for (i=1; i<argc; i++)
+ {
+ if ((strcmp(argv[i],"-display")==0) || (strcmp(argv[i],"-d")==0))
+ {
+ if (i < argc-1)
+- strcpy(display,argv[i+1]);
++ display = argv[i+1];
+ }
+ else if ((strcmp(argv[i],"-wait")==0) || (strcmp(argv[i],"-w")==0))
+ {
+@@ -207,7 +205,8 @@ static void init(void)
+ dpy = XOpenDisplay(display);
+ if (dpy == NULL)
+ {
+- fprintf(stderr,"init: [%s] can't open display.\n",display);
++ fprintf(stderr,"init: [%s] can't open display.\n",
++ display?display:getenv("DISPLAY")?getenv("DISPLAY"):":0");
+ exit(1);
+ }
+
diff --git a/games/xsoldier/patches/patch-ac b/games/xsoldier/patches/patch-ac
new file mode 100644
index 00000000000..d8079b51bd1
--- /dev/null
+++ b/games/xsoldier/patches/patch-ac
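Review bot: The `":0"` fallback in the init() error message (last inner hunk of patch-ab) names a display that XOpenDisplay() did not necessarily try when neither -display nor DISPLAY is set, and the expression calls getenv() twice. Xlib's XDisplayName() returns the name XOpenDisplay() would use for a given argument, including NULL, so the call could read `fprintf(stderr,"init: [%s] can't open display.\n",XDisplayName(display));`. Separately, `command` and `display` change from 32-byte arrays to pointers into argv, so any code outside these hunks that still copies into them or applies sizeof to them should be checked; only the arginit() and init() uses are visible here, and both function bodies continue beyond the hunks.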
@@ -0,0 +1,12 @@
+$NetBSD: patch-ac,v 1.1 1999/12/23 01:44:03 wiz Exp $
+--- score.c.orig Mon Feb 24 16:25:44 1997
++++ score.c Wed Dec 22 02:32:19 1999
+@@ -53,7 +53,7 @@ int ReadHiscore(PlayerData *p)
+ p->Rec[i].score = score;
+ p->Rec[i].loop = loop;
+ p->Rec[i].stage = stage;
+- strcpy(p->Rec[i].name,name);
++ strncpy(p->Rec[i].name,name,sizeof(p->Rec[i].name));
+ }
+ fclose(fp);
+ }
diff --git a/games/xsoldier/patches/patch-ad b/games/xsoldier/patches/patch-ad
new file mode 100644
index 00000000000..3eaa9307f8c
--- /dev/null
+++ b/games/xsoldier/patches/patch-ad
@@ -0,0 +1,12 @@
+$NetBSD: patch-ad,v 1.1 1999/12/23 01:44:03 wiz Exp $
+--- manage.c.orig Mon Feb 24 17:20:07 1997
++++ manage.c Wed Dec 22 02:32:19 1999
+@@ -306,7 +306,7 @@ PlayerData *NewPlayerData(void)
+ if ((pw=getpwuid(getuid())) == NULL)
+ sprintf(name,"%d",getuid());
+ else
+- strcpy(name,pw->pw_name);
++ strncpy(name,pw->pw_name,sizeof(name));
+
+ New = (PlayerData *)malloc(sizeof(PlayerData));
+
|
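Review bot: The `strncpy(p->Rec[i].name,name,sizeof(p->Rec[i].name))` added in ReadHiscore() (patch-ac) leaves the destination without a terminating NUL whenever the source is at least as long as the field, and the same applies to `strncpy(name,pw->pw_name,sizeof(name))` in NewPlayerData() (patch-ad). The record name is later printed with `%-20s` in main.c, which would then read past the end of the array; `name` in ReadHiscore() presumably comes from the score file, so its length is not under the program's control. Copy one byte less and terminate explicitly, e.g. `strncpy(p->Rec[i].name,name,sizeof(p->Rec[i].name)-1);` followed by `p->Rec[i].name[sizeof(p->Rec[i].name)-1]='\0';`, and likewise for `name` in patch-ad. This assumes both destinations are arrays rather than pointers; their declarations are outside the hunks.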