diff options
author | drochner <drochner@pkgsrc.org> | 2009-02-25 18:44:30 +0000 |
---|---|---|
committer | drochner <drochner@pkgsrc.org> | 2009-02-25 18:44:30 +0000 |
commit | 2fbcb7909c97d2d9ffe78aae14eb7270eada9f32 (patch) | |
tree | 0f5079212c5ea6ae0a565138b2ffdb7e16837f01 /print | |
parent | 70c1b53c83762e9174d4ffd83a29c3be0f369607 (diff) | |
download | pkgsrc-2fbcb7909c97d2d9ffe78aae14eb7270eada9f32.tar.gz |
pull in a patch from redhat to fix a buffer overflow (CVE-2008-3863),
bump PKGREVISION
Diffstat (limited to 'print')
-rw-r--r-- | print/enscript/Makefile | 3 | ||||
-rw-r--r-- | print/enscript/distinfo | 4 | ||||
-rw-r--r-- | print/enscript/patches/patch-ab | 99 |
3 files changed, 98 insertions, 8 deletions
diff --git a/print/enscript/Makefile b/print/enscript/Makefile index cdab9c2a21e..491e686389b 100644 --- a/print/enscript/Makefile +++ b/print/enscript/Makefile @@ -1,7 +1,8 @@ -# $NetBSD: Makefile,v 1.42 2009/02/13 18:53:28 abs Exp $ +# $NetBSD: Makefile,v 1.43 2009/02/25 18:44:30 drochner Exp $ # DISTNAME= enscript-1.6.4 +PKGREVISION= 1 CATEGORIES= print MASTER_SITES= http://www.iki.fi/mtr/genscript/ diff --git a/print/enscript/distinfo b/print/enscript/distinfo index f28e8e4775b..2be870657a0 100644 --- a/print/enscript/distinfo +++ b/print/enscript/distinfo @@ -1,10 +1,10 @@ -$NetBSD: distinfo,v 1.8 2009/02/13 18:53:28 abs Exp $ +$NetBSD: distinfo,v 1.9 2009/02/25 18:44:30 drochner Exp $ SHA1 (enscript-1.6.4.tar.gz) = 9dd7128a508d4c9671659b9520028d12add50cfa RMD160 (enscript-1.6.4.tar.gz) = 9050728f14500f0360c5a4e258cba0646694bfeb Size (enscript-1.6.4.tar.gz) = 1036734 bytes SHA1 (patch-aa) = 0b095dbb1681b121a417bd7b3fb2dff351fcfa86 -SHA1 (patch-ab) = fa3103f949bf3a564afab7754a57de6b5c8cea3b +SHA1 (patch-ab) = 67cf45f43ad282174b5bbaf8c60be3448c76f235 SHA1 (patch-ac) = d43a55bfde2afe9bf49ab8cdd6bf7b2205d3952b SHA1 (patch-ad) = 31e461f8b2647699a2847445703745a07994e571 SHA1 (patch-ae) = 311ee615f231adbeece251606617065d306249ac diff --git a/print/enscript/patches/patch-ab b/print/enscript/patches/patch-ab index a66f840b472..1217c51890c 100644 --- a/print/enscript/patches/patch-ab +++ b/print/enscript/patches/patch-ab @@ -1,8 +1,97 @@ -$NetBSD: patch-ab,v 1.3 2009/02/13 18:53:28 abs Exp $ +$NetBSD: patch-ab,v 1.4 2009/02/25 18:44:30 drochner Exp $ ---- src/psgen.c.orig 2003-03-05 07:36:53.000000000 +0000 +--- src/psgen.c.orig 2003-03-05 08:36:53.000000000 +0100 +++ src/psgen.c -@@ -2034,8 +2034,9 @@ dump_ps_page_header (char *fname, int em +@@ -24,6 +24,7 @@ + * Boston, MA 02111-1307, USA. + */ + ++#include <limits.h> + #include "gsint.h" + + /* +@@ -124,7 +125,7 @@ struct gs_token_st + double xscale; + double yscale; + int llx, lly, urx, ury; /* Bounding box. */ +- char filename[512]; ++ char filename[PATH_MAX]; + char *skipbuf; + unsigned int skipbuf_len; + unsigned int skipbuf_pos; +@@ -135,11 +136,11 @@ struct gs_token_st + Color bgcolor; + struct + { +- char name[512]; ++ char name[PATH_MAX]; + FontPoint size; + InputEncoding encoding; + } font; +- char filename[512]; ++ char filename[PATH_MAX]; + } u; + }; + +@@ -248,7 +249,7 @@ static int do_print = 1; + static int user_fontp = 0; + + /* The user ^@font{}-defined font. */ +-static char user_font_name[256]; ++static char user_font_name[PATH_MAX]; + static FontPoint user_font_pt; + static InputEncoding user_font_encoding; + +@@ -978,7 +979,8 @@ large for page\n"), + FATAL ((stderr, + _("user font encoding can be only the system's default or `ps'"))); + +- strcpy (user_font_name, token.u.font.name); ++ memset (user_font_name, 0, sizeof(user_font_name)); ++ strncpy (user_font_name, token.u.font.name, sizeof(user_font_name) - 1); + user_font_pt.w = token.u.font.size.w; + user_font_pt.h = token.u.font.size.h; + user_font_encoding = token.u.font.encoding; +@@ -1444,7 +1446,7 @@ read_special_escape (InputStream *is, To + buf[i] = ch; + if (i + 1 >= sizeof (buf)) + FATAL ((stderr, _("too long argument for %s escape:\n%.*s"), +- escapes[i].name, i, buf)); ++ escapes[e].name, i, buf)); + } + buf[i] = '\0'; + +@@ -1452,7 +1454,8 @@ read_special_escape (InputStream *is, To + switch (escapes[e].escape) + { + case ESC_FONT: +- strcpy (token->u.font.name, buf); ++ memset (token->u.font.name, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1); + + /* Check for the default font. */ + if (strcmp (token->u.font.name, "default") == 0) +@@ -1465,7 +1468,8 @@ read_special_escape (InputStream *is, To + FATAL ((stderr, _("malformed font spec for ^@font escape: %s"), + token->u.font.name)); + +- strcpy (token->u.font.name, cp); ++ memset (token->u.font.name, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.font.name, cp, sizeof(token->u.font.name) - 1); + xfree (cp); + } + token->type = tFONT; +@@ -1544,7 +1548,8 @@ read_special_escape (InputStream *is, To + break; + + case ESC_SETFILENAME: +- strcpy (token->u.filename, buf); ++ memset (token->u.filename, 0, sizeof(token->u.font.name)); ++ strncpy (token->u.filename, buf, sizeof(token->u.filename) - 1); + token->type = tSETFILENAME; + break; + +@@ -2034,8 +2039,9 @@ dump_ps_page_header (char *fname, int em else { ftail++; @@ -14,7 +103,7 @@ $NetBSD: patch-ab,v 1.3 2009/02/13 18:53:28 abs Exp $ } if (nup > 1) -@@ -2385,9 +2386,10 @@ recognize_eps_file (Token *token) +@@ -2385,9 +2391,10 @@ recognize_eps_file (Token *token) MESSAGE (2, (stderr, "^@epsf=\"%s\"\n", token->u.epsf.filename)); i = strlen (token->u.epsf.filename); @@ -26,7 +115,7 @@ $NetBSD: patch-ab,v 1.3 2009/02/13 18:53:28 abs Exp $ token->u.epsf.pipe = 1; token->u.epsf.filename[i - 1] = '\0'; token->u.epsf.fp = popen (token->u.epsf.filename, "r"); -@@ -2400,6 +2402,7 @@ recognize_eps_file (Token *token) +@@ -2400,6 +2407,7 @@ recognize_eps_file (Token *token) } } else |