author | wiz <wiz@pkgsrc.org> | 2018-01-21 18:44:58 +0000 |
---|---|---|
committer | wiz <wiz@pkgsrc.org> | 2018-01-21 18:44:58 +0000 |
commit | 011a7faf053be59431b383ca9ad3acc096ccaac6 (patch) | |
tree | b2ff7e22363fd77aa79b9264d78db7e62f1a5b94 /multimedia | |
parent | 4f355d657cd7e23cc3152b61792a0e1191a026c5 (diff) | |
download | pkgsrc-011a7faf053be59431b383ca9ad3acc096ccaac6.tar.gz |
xine-ui: fix two buffer overflows found by SSP
From Anon.
Bump PKGREVISION.
Diffstat (limited to 'multimedia')
-rw-r--r-- | multimedia/xine-ui/Makefile | 4 | ||||
-rw-r--r-- | multimedia/xine-ui/distinfo | 5 | ||||
-rw-r--r-- | multimedia/xine-ui/patches/patch-aj | 15 | ||||
-rw-r--r-- | multimedia/xine-ui/patches/patch-src_xitk_session__common.c | 15 |
4 files changed, 33 insertions, 6 deletions
diff --git a/multimedia/xine-ui/Makefile b/multimedia/xine-ui/Makefile index 4cdae396e54..40bcf2a0118 100644 --- a/multimedia/xine-ui/Makefile +++ b/multimedia/xine-ui/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.81 2018/01/01 21:18:46 adam Exp $ +# $NetBSD: Makefile,v 1.82 2018/01/21 18:44:58 wiz Exp $ DISTNAME= xine-ui-0.99.8 -PKGREVISION= 14 +PKGREVISION= 15 CATEGORIES= multimedia MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=xine/} EXTRACT_SUFX= .tar.xz diff --git a/multimedia/xine-ui/distinfo b/multimedia/xine-ui/distinfo index 6695271eca7..73d58500582 100644 --- a/multimedia/xine-ui/distinfo +++ b/multimedia/xine-ui/distinfo @@ -1,11 +1,12 @@ -$NetBSD: distinfo,v 1.26 2015/11/03 23:54:34 agc Exp $ +$NetBSD: distinfo,v 1.27 2018/01/21 18:44:58 wiz Exp $ SHA1 (xine-ui-0.99.8.tar.xz) = ffe8e6507a95f92f1e29aa4e3751f4b505e8da1a RMD160 (xine-ui-0.99.8.tar.xz) = 5f876d2dd24ab2bec8f1027dee071b8f3f3e76f9 SHA512 (xine-ui-0.99.8.tar.xz) = a2d11b0c512b9d485e0bbe418b36fb5fd52fe1a9c68cdb865771fc580b30bff513825f3e24ef85a902669c2c1ea8947512dd9abe4c12fdef94b8852cc8588da3 Size (xine-ui-0.99.8.tar.xz) = 1758372 bytes SHA1 (patch-ab) = 93cd824f2b85affb8847d84dd8562ef4bb12f6eb -SHA1 (patch-aj) = 8030659d18f9a28c0d56a0a95748f070b912f95e +SHA1 (patch-aj) = faa52c1a42d6053fc03b722286b2021d5508c8ac SHA1 (patch-ba) = 58cb4076d7034b252015c51de9260452bf63f37d SHA1 (patch-bb) = 2dcc5d1df7d46226f4f2c2a53ff6772bc513bf51 +SHA1 (patch-src_xitk_session__common.c) = 7040122ba6351989226584adb2c16a0d9fee31e6 SHA1 (patch-zz) = d97dfaf773f5e69c18f6163e7262fdfbd330e5ed diff --git a/multimedia/xine-ui/patches/patch-aj b/multimedia/xine-ui/patches/patch-aj index 86dc29ad29a..8e1c8e6c4fd 100644 --- a/multimedia/xine-ui/patches/patch-aj +++ b/multimedia/xine-ui/patches/patch-aj 
@@ -1,9 +1,11 @@ -$NetBSD: patch-aj,v 1.6 2014/05/07 18:44:28 wiz Exp $ +$NetBSD: patch-aj,v 1.7 2018/01/21 18:44:59 wiz Exp $ Support NetBSD and DragonFlyBSD. https://bugs.xine-project.org/show_bug.cgi?id=515 ---- src/xitk/session.c.orig 2010-03-11 09:40:12.000000000 +0000 +Fix buffer overflow + +--- src/xitk/session.c.orig 2014-02-25 16:52:58.000000000 +0000 +++ src/xitk/session.c @@ -21,7 +21,7 @@ /* Largely inspired of xmms control socket stuff */ @@ -14,3 +16,12 @@ https://bugs.xine-project.org/show_bug.cgi?id=515 #define _XOPEN_SOURCE 500 #endif +@@ -453,7 +453,7 @@ int init_session(void) { + for(i = 0;; i++) { + saddr.un.sun_family = AF_UNIX; + +- snprintf(saddr.un.sun_path, 108, "%s%s%d", (xine_get_homedir()), "/.xine/session.", i); ++ snprintf(saddr.un.sun_path, sizeof(saddr.un.sun_path), "%s%s%d", (xine_get_homedir()), "/.xine/session.", i); + if(!is_remote_running(i)) { + if((unlink(saddr.un.sun_path) == -1) && errno != ENOENT) { + fprintf(stderr, "setup_ctrlsocket(): Failed to unlink %s (Error: %s)", diff --git a/multimedia/xine-ui/patches/patch-src_xitk_session__common.c b/multimedia/xine-ui/patches/patch-src_xitk_session__common.c new file mode 100644 index 00000000000..53c7068dbbf --- /dev/null +++ b/multimedia/xine-ui/patches/patch-src_xitk_session__common.c @@ -0,0 +1,15 @@ +$NetBSD: patch-src_xitk_session__common.c,v 1.1 2018/01/21 18:44:59 wiz Exp $ + +Fix buffer overflow + +--- src/xitk/session_common.c.orig 2014-02-25 16:52:58.000000000 +0000 ++++ src/xitk/session_common.c +@@ -61,7 +61,7 @@ int connect_to_session(int session) { + euid = geteuid(); + setuid(euid); + +- snprintf(saddr.un.sun_path, 108, "%s%s%d", (xine_get_homedir()), "/.xine/session.", session); ++ snprintf(saddr.un.sun_path, sizeof(saddr.un.sun_path), "%s%s%d", (xine_get_homedir()), "/.xine/session.", session); + setreuid(stored_uid, euid); + + if((connect(fd,&saddr.sa, sizeof(saddr.un))) != -1) { |
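Review bot: The snprintf() into `saddr.un.sun_path` in init_session() is now bounded by `sizeof`, but its return value is still ignored, so a home directory long enough to fill `sun_path` is silently truncated. The session number can then be cut off, every pass of the `for(i = 0;; i++)` loop can build the same path, and the following unlink() acts on a name that is not the intended socket. I would capture the result and bail out before the unlink when `n < 0 || (size_t)n >= sizeof(saddr.un.sun_path)`. The same unchecked call is added in patch-src_xitk_session__common.c (connect_to_session), where a truncated path would be handed to connect(). Both function bodies continue outside the hunks, so the appropriate error return is not visible here.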
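Review bot: In connect_to_session() the `setuid(euid)` and `setreuid(stored_uid, euid)` calls around the path construction ignore their return values, so a failed identity switch would go unnoticed and the code would carry on to connect(). These are context lines rather than lines this commit changes, but since the file is already being patched, each call could be checked, for example `if (setreuid(stored_uid, euid) == -1) return -1;`. How the function reports errors lies outside the hunk, so the exact return value is an assumption to confirm.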