4 files changed, 54 insertions, 30 deletions

diff --git a/shells/rssh/Makefile b/shells/rssh/Makefile
index ff8e17a182c..429db427221 100644
--- a/shells/rssh/Makefile
+++ b/shells/rssh/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2016/02/26 09:43:09 jperkin Exp $
+# $NetBSD: Makefile,v 1.19 2018/04/13 16:59:13 he Exp $
 
 DISTNAME=	rssh-2.3.4
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES=	shells security
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE:=rssh/}
 
diff --git a/shells/rssh/distinfo b/shells/rssh/distinfo
index 3533727b019..8ebe58e325f 100644
--- a/shells/rssh/distinfo
+++ b/shells/rssh/distinfo
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.9 2015/11/02 23:00:35 agc Exp $
+$NetBSD: distinfo,v 1.10 2018/04/13 16:59:13 he Exp $
 
 SHA1 (rssh-2.3.4.tar.gz) = e13ae1fdce4b0c89ef70f4695689139c8409e2e8
 RMD160 (rssh-2.3.4.tar.gz) = 4fdd086820fe67f6dc97671875c43dcad9c4afd3
 SHA512 (rssh-2.3.4.tar.gz) = c1a77abdf4abe5f936fb1c9c008fc81fabf7b624d69ed31fe2ae5619dfa4a79f1d4a4f2daa5291a36d40353fa2168e74e5ba61294230d702fcdc88ae0d520487
 Size (rssh-2.3.4.tar.gz) = 113315 bytes
 SHA1 (patch-aa) = 0210a1c717098e6afa760192cc8f9d6811d2fd9f
-SHA1 (patch-ab) = 19a5f7ffe3fef0c6aa17c1611c564c45a802ea96
+SHA1 (patch-main.c.in) = a23cba65fd8304b5bf365817c34d9a19884a464d
 SHA1 (patch-rsshconf.c) = a2c2b14bf3619f77cf4e3cbfeaaa4b356d145443
 SHA1 (patch-util.c) = dcfb7943662aaa733e99d78a810582af1d5d5581
diff --git a/shells/rssh/patches/patch-ab b/shells/rssh/patches/patch-ab
deleted file mode 100644
index f50dc91434d..00000000000
--- a/shells/rssh/patches/patch-ab
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-ab,v 1.2 2010/10/16 09:57:39 adam Exp $
-
---- main.c.in.orig	2010-08-01 19:43:30.000000000 +0000
-+++ main.c.in
-@@ -198,7 +198,7 @@ char **build_shell_args( struct passwd u
- 		 * build_arg_vector() in the chroot helper instead...
-                  */
- 
--		if ( !(argvec = (char **)malloc(6 * sizeof (char *))) ){
-+		if ( !(argvec = (char **)malloc(4 * sizeof (char *))) ){
- 			log_set_priority(LOG_ERR);
- 			log_msg("OOM error in build_shell_args() (fatal)");
- 			exit(1);
-@@ -229,9 +229,9 @@ char **build_shell_args( struct passwd u
- 		/* change the command to run to the chroot helper */
- 		*cmd = PATH_CHROOT_HELPER;
- 
--		/* set up buffer to log command line ('"' + ' ' + '\0' = 9) */
--		len = strlen(cmdline) +  strlen(argvec[2]) + 
--			strlen(PATH_CHROOT_HELPER) + 9;
-+		/* set up buffer to log command line (argvec[1] + '"' + ' ' + '\0' = 6) */
-+		len = strlen(cmdline) +
-+			strlen(PATH_CHROOT_HELPER) + 6;
- 		if ( !(temp = (char *)malloc(len)) ){
- 			log_set_priority(LOG_ERR);
- 			log_msg("OOM error in build_shell_args() (fatal)");
diff --git a/shells/rssh/patches/patch-main.c.in b/shells/rssh/patches/patch-main.c.in
new file mode 100644
index 00000000000..d0b920963a4
--- /dev/null
+++ b/shells/rssh/patches/patch-main.c.in
@@ -0,0 +1,50 @@
+$NetBSD: patch-main.c.in,v 1.1 2018/04/13 16:59:13 he Exp $
+
+Make a copy of the basename() result, so as to avoid a fortify
+abort due to overlapping memcpy() when the result from basename()
+is subsequently passed to basename().
+
+Also a fix related to memory allocation.
+
+--- main.c.in.orig	2012-11-26 05:02:17.000000000 +0000
++++ main.c.in
+@@ -92,6 +92,7 @@ int main( int argc, char **argv )
+ 	ShellOptions_t	opts;	/* options configured by config file */
+ 	struct passwd	uinfo;	/* info about the user running rssh */
+ 	struct passwd	*temp;	/* copy temp into uinfo */ 
++	char		*av0bn;
+ 
+ 	/* if we just want the version, give it an exit */
+ 	if ( argc == 2 && !( strcmp(argv[1], "-v")) ){
+@@ -117,7 +118,8 @@ int main( int argc, char **argv )
+ 	else
+ 		/* this probably should never happen */
+ 		username = "unknown user!";
+-	progname = strdup(log_make_ident(basename(argv[0])));
++	av0bn = strdup(basename(argv[0]));
++	progname = strdup(log_make_ident(av0bn));
+ 	log_set_facility(LOG_DAEMON);
+ 	log_open();
+ 
+@@ -198,7 +200,7 @@ char **build_shell_args( struct passwd u
+ 		 * build_arg_vector() in the chroot helper instead...
+                  */
+ 
+-		if ( !(argvec = (char **)malloc(6 * sizeof (char *))) ){
++		if ( !(argvec = (char **)malloc(4 * sizeof (char *))) ){
+ 			log_set_priority(LOG_ERR);
+ 			log_msg("OOM error in build_shell_args() (fatal)");
+ 			exit(1);
+@@ -229,9 +231,9 @@ char **build_shell_args( struct passwd u
+ 		/* change the command to run to the chroot helper */
+ 		*cmd = PATH_CHROOT_HELPER;
+ 
+-		/* set up buffer to log command line ('"' + ' ' + '\0' = 9) */
+-		len = strlen(cmdline) +  strlen(argvec[2]) + 
+-			strlen(PATH_CHROOT_HELPER) + 9;
++		/* set up buffer to log command line (argvec[1] + '"' + ' ' + '\0' = 6) */
++		len = strlen(cmdline) +
++			strlen(PATH_CHROOT_HELPER) + 6;
+ 		if ( !(temp = (char *)malloc(len)) ){
+ 			log_set_priority(LOG_ERR);
+ 			log_msg("OOM error in build_shell_args() (fatal)");