diff options
| author | markd <markd@pkgsrc.org> | 2008-12-29 08:48:45 +0000 |
|---|---|---|
| committer | markd <markd@pkgsrc.org> | 2008-12-29 08:48:45 +0000 |
| commit | b14dd4636cd9903b00080f32717f9b42da12b93a (patch) | |
| tree | 66aec6550647a7da75a0ba8ea2942b485303bd07 /net/netatalk/patches | |
| parent | 0b29e32e86b229ede841b0d293cee05c31e23e56 (diff) | |
| download | pkgsrc-b14dd4636cd9903b00080f32717f9b42da12b93a.tar.gz | |
Fix quoting chars in popen variables expansion
(http://secunia.com/advisories/33227/)
patch from 2.0.4beta2. Bump PKGREVISION.
Diffstat (limited to 'net/netatalk/patches')
| -rw-r--r-- | net/netatalk/patches/patch-ap | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/net/netatalk/patches/patch-ap b/net/netatalk/patches/patch-ap new file mode 100644 index 00000000000..905dab34dd1 --- /dev/null +++ b/net/netatalk/patches/patch-ap @@ -0,0 +1,97 @@ +$NetBSD: patch-ap,v 1.4 2008/12/29 08:48:46 markd Exp $ + +quote chars in popen variables expansion - from 2.0.4beta2 + +--- etc/papd/lp.c.orig 2004-06-09 14:24:47.000000000 +1200 ++++ etc/papd/lp.c +@@ -212,10 +212,37 @@ static void lp_setup_comments (charset_t + + #define is_var(a, b) (strncmp((a), (b), 2) == 0) + ++static size_t quote(char *dest, char *src, const size_t bsize, size_t len) ++{ ++size_t used = 0; ++ ++ while (len && used < bsize ) { ++ switch (*src) { ++ case '$': ++ case '\\': ++ case '"': ++ case '`': ++ if (used + 2 > bsize ) ++ return used; ++ *dest = '\\'; ++ dest++; ++ used++; ++ break; ++ } ++ *dest = *src; ++ src++; ++ dest++; ++ len--; ++ used++; ++ } ++ return used; ++} ++ ++ + static char* pipexlate(char *src) + { + char *p, *q, *dest; +- static char destbuf[MAXPATHLEN]; ++ static char destbuf[MAXPATHLEN +1]; + size_t destlen = MAXPATHLEN; + int len = 0; + +@@ -224,13 +251,15 @@ static char* pipexlate(char *src) + if (!src) + return NULL; + +- strncpy(dest, src, MAXPATHLEN); +- if ((p = strchr(src, '%')) == NULL) /* nothing to do */ ++ memset(dest, 0, MAXPATHLEN +1); ++ if ((p = strchr(src, '%')) == NULL) { /* nothing to do */ ++ strncpy(dest, src, MAXPATHLEN); + return destbuf; +- +- /* first part of the path. just forward to the next variable. */ ++ } ++ /* first part of the path. copy and forward to the next variable. */ + len = MIN((size_t)(p - src), destlen); + if (len > 0) { ++ strncpy(dest, src, len); + destlen -= len; + dest += len; + } +@@ -246,21 +275,24 @@ static char* pipexlate(char *src) + q = lp.lp_created_for; + } else if (is_var(p, "%%")) { + q = "%"; +- } else +- q = p; ++ } + + /* copy the stuff over. if we don't understand something that we + * should, just skip it over. */ + if (q) { +- len = MIN(p == q ? 2 : strlen(q), destlen); ++ len = MIN(strlen(q), destlen); ++ len = quote(dest, q, destlen, len); ++ } ++ else { ++ len = MIN(2, destlen); + strncpy(dest, q, len); +- dest += len; +- destlen -= len; + } ++ dest += len; ++ destlen -= len; + +- /* stuff up to next $ */ ++ /* stuff up to next % */ + src = p + 2; +- p = strchr(src, '$'); ++ p = strchr(src, '%'); + len = p ? MIN((size_t)(p - src), destlen) : destlen; + if (len > 0) { + strncpy(dest, src, len); |