summaryrefslogtreecommitdiff
path: root/print
diff options
context:
space:
mode:
authorwiz <wiz>2004-12-20 15:02:34 +0000
committerwiz <wiz>2004-12-20 15:02:34 +0000
commit062dd8e7abb0865e05d06888d3c035f0a41f1498 (patch)
tree1d8c454a705bf203bf77aa68f269f555345782b2 /print
parent2f75d8d98a71fe3ae568d479fcacf0ce87ad7b73 (diff)
downloadpkgsrc-062dd8e7abb0865e05d06888d3c035f0a41f1498.tar.gz
Apply patch from Rudolf Polzer against CAN-2004-1170.
See http://archives.neohapsis.com/archives/fulldisclosure/2004-08/1026.html Bump PKGREVISION.
Diffstat (limited to 'print')
-rw-r--r--print/a2ps/Makefile4
-rw-r--r--print/a2ps/distinfo3
-rw-r--r--print/a2ps/patches/patch-ac59
3 files changed, 63 insertions, 3 deletions
diff --git a/print/a2ps/Makefile b/print/a2ps/Makefile
index 45d4c59a1b9..72153797a2a 100644
--- a/print/a2ps/Makefile
+++ b/print/a2ps/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.49 2004/10/03 00:18:03 tv Exp $
+# $NetBSD: Makefile,v 1.50 2004/12/20 15:02:34 wiz Exp $
DISTNAME= a2ps-4.13b
PKGNAME= a2ps-4.13.0.2
-PKGREVISION= 4
+PKGREVISION= 5
CATEGORIES= print
MASTER_SITES= ${MASTER_SITE_GNU:=a2ps/} \
ftp://ftp.enst.fr/pub/unix/a2ps/
diff --git a/print/a2ps/distinfo b/print/a2ps/distinfo
index e4dd7f331a6..4b701bb1953 100644
--- a/print/a2ps/distinfo
+++ b/print/a2ps/distinfo
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.6 2002/11/26 11:02:05 jmmv Exp $
+$NetBSD: distinfo,v 1.7 2004/12/20 15:02:34 wiz Exp $
SHA1 (a2ps-4.13b.tar.gz) = cfc79a3e54115e569f667fa3fd2c2ec16d22b31a
Size (a2ps-4.13b.tar.gz) = 1944289 bytes
SHA1 (patch-aa) = 67f0c9ddf6e9829aeecb3de596c925d451990877
SHA1 (patch-ab) = ba7446a32733d60910036190be957045d4ec1218
+SHA1 (patch-ac) = 5daaedd3866c731206b829124d8a3f4741512d17
diff --git a/print/a2ps/patches/patch-ac b/print/a2ps/patches/patch-ac
new file mode 100644
index 00000000000..9fa95435677
--- /dev/null
+++ b/print/a2ps/patches/patch-ac
@@ -0,0 +1,59 @@
+$NetBSD: patch-ac,v 1.5 2004/12/20 15:02:34 wiz Exp $
+
+--- src/select.c.orig 1999-12-16 02:04:56.000000000 +0100
++++ src/select.c
+@@ -131,6 +131,36 @@ sheets_map_load_main (void)
+ return 1;
+ }
+
++/* escapes the name of a file so that the shell groks it in 'single' q.marks.
++ The resulting pointer has to be free()ed when not longer used. */
++char *
++shell_escape(const char *fn)
++{
++ size_t len = 0;
++ const char *inp;
++ char *retval, *outp;
++
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': len += 4; break;
++ default: len += 1; break;
++ }
++
++ outp = retval = malloc(len + 1);
++ if(!outp)
++ return NULL; /* perhaps one should do better error handling here */
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
++ default: *outp++ = *inp; break;
++ }
++ *outp = 0;
++
++ return retval;
++}
++
+ /* What says file about the type of a file (result is malloc'd). NULL
+ if could not be run. */
+
+@@ -144,11 +174,15 @@ file_verdict_on (const uchar *filename)
+ if (IS_EMPTY (job->file_command))
+ return NULL;
+
++ filename = shell_escape(filename);
++ if(filename == NULL)
++ return NULL;
+ /* Call file(1) with the correct option */
+- command = ALLOCA (char, (2
++ command = ALLOCA (char, (4
+ + strlen (job->file_command)
+ + ustrlen (filename)));
+- sprintf (command, "%s %s", job->file_command, (const char *) filename);
++ sprintf (command, "%s '%s'", job->file_command, (const char *) filename);
++ free(filename);
+ message (msg_tool, (stderr, "Reading pipe: `%s'\n", command));
+ file_out = popen (command, "r");
+