diff options
| author | bsiegert <bsiegert> | 2015-05-23 13:11:07 +0000 |
|---|---|---|
| committer | bsiegert <bsiegert> | 2015-05-23 13:11:07 +0000 |
| commit | f81550ff447a20bd303ec32bce790c08ff245fb9 (patch) | |
| tree | 9679b8b6308fd4f5e88c89d67c66c79ecc6533bd /sysutils | |
| parent | 114f1c72c8cbe37273ff0eb1e2ba9f847f5d2c7f (diff) | |
| download | pkgsrc-f81550ff447a20bd303ec32bce790c08ff245fb9.tar.gz | |
SECURITY: add patch for denial-of-service vulnerability. From Matthias
Ferdinand via pkgsrc-users. Bump PKGREVISION.
Diffstat (limited to 'sysutils')
| -rw-r--r-- | sysutils/file/Makefile | 3 | ||||
| -rw-r--r-- | sysutils/file/distinfo | 3 | ||||
| -rw-r--r-- | sysutils/file/patches/patch-src_softmagic.c | 20 |
3 files changed, 24 insertions, 2 deletions
diff --git a/sysutils/file/Makefile b/sysutils/file/Makefile index f07ee545add..a76fe628b5d 100644 --- a/sysutils/file/Makefile +++ b/sysutils/file/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.34 2015/03/22 09:48:51 bsiegert Exp $ +# $NetBSD: Makefile,v 1.35 2015/05/23 13:11:07 bsiegert Exp $ DISTNAME= file-5.22 +PKGREVISION= 1 CATEGORIES= sysutils MASTER_SITES= ftp://ftp.astron.com/pub/file/ diff --git a/sysutils/file/distinfo b/sysutils/file/distinfo index e42ad1c5702..4f69e8ad905 100644 --- a/sysutils/file/distinfo +++ b/sysutils/file/distinfo @@ -1,4 +1,4 @@ -$NetBSD: distinfo,v 1.22 2015/03/27 18:57:43 bsiegert Exp $ +$NetBSD: distinfo,v 1.23 2015/05/23 13:11:07 bsiegert Exp $ SHA1 (file-5.22.tar.gz) = 20fa06592291555f2b478ea2fb70b53e9e8d1f7c RMD160 (file-5.22.tar.gz) = 73b5e5c128a6ecb2b870590728cc9013fe0c9dbb @@ -6,3 +6,4 @@ Size (file-5.22.tar.gz) = 732556 bytes SHA1 (patch-aa) = d3aa3667e3d28ac1268b83de2de372ba083705fc SHA1 (patch-src_compress.c) = 63407a3103bb1e77a5c8f1a5e859eb884ad55b3a SHA1 (patch-src_fsmagic.c) = ee770cf37dfdfbc5a7c123d2691312610b76e76e +SHA1 (patch-src_softmagic.c) = 5952a49b75b1a6968179cd61f28e7731caeb3e17 diff --git a/sysutils/file/patches/patch-src_softmagic.c b/sysutils/file/patches/patch-src_softmagic.c new file mode 100644 index 00000000000..531dfc265b2 --- /dev/null +++ b/sysutils/file/patches/patch-src_softmagic.c @@ -0,0 +1,20 @@ +$NetBSD: patch-src_softmagic.c,v 1.1 2015/05/23 13:11:07 bsiegert Exp $ + +contains fix from +https://github.com/file/file/commit/3046c231e1a2fcdd5033bea0603c23f435a00bd7 + +--- src/softmagic.c.orig 2015-01-01 17:07:34.000000000 +0000 ++++ src/softmagic.c +@@ -1116,10 +1116,8 @@ mcopy(struct magic_set *ms, union VALUET + bytecnt = m->str_range; + } + +- if (bytecnt == 0) +- bytecnt = 8192; +- if (bytecnt > nbytes) +- bytecnt = nbytes; ++ if (bytecnt == 0 || bytecnt > nbytes - offset) ++ bytecnt = nbytes - offset; + + buf = RCAST(const char *, s) + offset; + end = last = RCAST(const char *, s) + bytecnt; |