Add fix for CVS-2014-4975 as ruby200-base and ruby21-base.

Bump PKGREVISION.

3 files changed, 46 insertions, 2 deletions

diff --git a/lang/ruby193-base/Makefile b/lang/ruby193-base/Makefile
index 43d6037b872..4b3c4a1dd6f 100644
--- a/lang/ruby193-base/Makefile
+++ b/lang/ruby193-base/Makefile
@@ -1,8 +1,9 @@
-# $NetBSD: Makefile,v 1.44 2014/09/02 20:41:42 jperkin Exp $
+# $NetBSD: Makefile,v 1.45 2014/09/30 10:40:08 taca Exp $
 #
 
 DISTNAME=	${RUBY_DISTNAME}
 PKGNAME=	${RUBY_PKGPREFIX}-base-${RUBY_VERSION_FULL}
+PKGREVISION=	1
 CATEGORIES=	lang ruby
 MASTER_SITES=	${MASTER_SITE_RUBY}
 
diff --git a/lang/ruby193-base/distinfo b/lang/ruby193-base/distinfo
index 878ff902965..e7fc35e0784 100644
--- a/lang/ruby193-base/distinfo
+++ b/lang/ruby193-base/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.34 2014/08/25 03:25:57 taca Exp $
+$NetBSD: distinfo,v 1.35 2014/09/30 10:40:08 taca Exp $
 
 SHA1 (ruby-1.9.3-p547.tar.bz2) = 972ea65ab50c697a60c672888a143e0bc84b4d6e
 RMD160 (ruby-1.9.3-p547.tar.bz2) = 827473dd20e4dad7704eb5da19f13ce5c105bddf
@@ -29,6 +29,7 @@ SHA1 (patch-man_erb.1) = a8f69ebb02b4d5e1c80b270a3d683c23d8dfbcf1
 SHA1 (patch-man_irb.1) = 58fcccbb5f5f76450715cbf246a018af58d9b57e
 SHA1 (patch-man_ri.1) = 25d82d08a9eb74ccc1cbbc1fc324d23f1a56ed64
 SHA1 (patch-man_ruby.1) = 43c638a38bed8257f33d8f5a491acd77a18032b7
+SHA1 (patch-pack.c) = 1fa428ded4e95a8511333d7d1eaa4ff80f0f919d
 SHA1 (patch-test_rubygems_test__gem.rb) = fe8b8e436b255595122d2a01462ba0a686575f24
 SHA1 (patch-tool_rbinstall.rb) = f0497085a09b31145f57028b30e335b09acabcff
 SHA1 (patch-vsnprintf.c) = 7bb4ca07381536717518143ef7803634168ca9fa
diff --git a/lang/ruby193-base/patches/patch-pack.c b/lang/ruby193-base/patches/patch-pack.c
new file mode 100644
index 00000000000..bfd9c5d98af
--- /dev/null
+++ b/lang/ruby193-base/patches/patch-pack.c
@@ -0,0 +1,42 @@
+$NetBSD: patch-pack.c,v 1.1 2014/09/30 10:40:08 taca Exp $
+
+Fix for CVS-2014-4975 from revision #46806 in ruby_2_1 branch.
+
+--- pack.c.orig	2012-08-09 13:49:27.000000000 +0000
++++ pack.c
+@@ -1068,7 +1068,8 @@ static const char b64_table[] =
+ static void
+ encodes(VALUE str, const char *s, long len, int type, int tail_lf)
+ {
+-    char buff[4096];
++    enum {buff_size = 4096, encoded_unit = 4};
++    char buff[buff_size + 1];	/* +1 for tail_lf */
+     long i = 0;
+     const char *trans = type == 'u' ? uu_table : b64_table;
+     int padding;
+@@ -1081,7 +1082,7 @@ encodes(VALUE str, const char *s, long l
+ 	padding = '=';
+     }
+     while (len >= 3) {
+-        while (len >= 3 && sizeof(buff)-i >= 4) {
++        while (len >= 3 && buff_size-i >= encoded_unit) {
+             buff[i++] = trans[077 & (*s >> 2)];
+             buff[i++] = trans[077 & (((*s << 4) & 060) | ((s[1] >> 4) & 017))];
+             buff[i++] = trans[077 & (((s[1] << 2) & 074) | ((s[2] >> 6) & 03))];
+@@ -1089,7 +1090,7 @@ encodes(VALUE str, const char *s, long l
+             s += 3;
+             len -= 3;
+         }
+-        if (sizeof(buff)-i < 4) {
++        if (buff_size-i < encoded_unit) {
+             rb_str_buf_cat(str, buff, i);
+             i = 0;
+         }
+@@ -1109,6 +1110,7 @@ encodes(VALUE str, const char *s, long l
+     }
+     if (tail_lf) buff[i++] = '\n';
+     rb_str_buf_cat(str, buff, i);
++    if ((size_t)i > sizeof(buff)) rb_bug("encodes() buffer overrun");
+ }
+ 
+ static const char hex_table[] = "0123456789ABCDEF";