From bdae4a032986c8e43809d029aeb8b26a2e7c31ed Mon Sep 17 00:00:00 2001 From: sbd Date: Fri, 12 Nov 2010 08:59:42 +0000 Subject: using wildcards with 'cvs delete' dose not work\! --- print/cups/patches/patch-ba | 28 --------- print/cups/patches/patch-bb | 18 ------ print/cups/patches/patch-bc | 31 ---------- print/cups/patches/patch-bd | 142 -------------------------------------------- 4 files changed, 219 deletions(-) delete mode 100644 print/cups/patches/patch-ba delete mode 100644 print/cups/patches/patch-bb delete mode 100644 print/cups/patches/patch-bc delete mode 100644 print/cups/patches/patch-bd diff --git a/print/cups/patches/patch-ba b/print/cups/patches/patch-ba deleted file mode 100644 index 26fa9a3895a..00000000000 --- a/print/cups/patches/patch-ba +++ /dev/null @@ -1,28 +0,0 @@ -$NetBSD: patch-ba,v 1.4 2010/06/16 21:15:18 sbd Exp $ - -Incorporate 0001-More-complete-fix-for-CVE-2009-3553.patch from -http://www.cups.org/str.php?L3490 -"CVE-2010-0302: Incomplete fix for CVE-2009-3553 (STR #3200)" - ---- scheduler/select.c.orig 2010-01-14 22:40:19.000000000 +0000 -+++ scheduler/select.c -@@ -454,7 +454,8 @@ cupsdDoSelect(long timeout) /* I - Time - if (fdptr->read_cb && event->filter == EVFILT_READ) - (*(fdptr->read_cb))(fdptr->data); - -- if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE) -+ if (fdptr->use > 1 && fdptr->write_cb && event->filter == EVFILT_WRITE && -+ !cupsArrayFind(cupsd_inactive_fds, fdptr)) - (*(fdptr->write_cb))(fdptr->data); - - release_fd(fdptr); -@@ -500,7 +501,8 @@ cupsdDoSelect(long timeout) /* I - Time - (*(fdptr->read_cb))(fdptr->data); - - if (fdptr->use > 1 && fdptr->write_cb && -- (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP))) -+ (event->events & (EPOLLOUT | EPOLLERR | EPOLLHUP)) && -+ !cupsArrayFind(cupsd_inactive_fds, fdptr)) - (*(fdptr->write_cb))(fdptr->data); - - release_fd(fdptr); diff --git a/print/cups/patches/patch-bb b/print/cups/patches/patch-bb deleted file mode 100644 index 9493adc7f65..00000000000 --- a/print/cups/patches/patch-bb +++ /dev/null @@ -1,18 +0,0 @@ -$NetBSD: patch-bb,v 1.6 2010/06/16 21:15:18 sbd Exp $ - -Incorporate str3577.patch from -http://www.cups.org/str.php?L3577 -"Memory disclosure in CUPS with admin URLs" - ---- cgi-bin/var.c.orig 2010-02-08 17:33:31.000000000 +0000 -+++ cgi-bin/var.c -@@ -927,6 +927,9 @@ cgi_initialize_string(const char *data) - * Read the hex code... - */ - -+ if (!isxdigit(data[1] & 255) || !isxdigit(data[2] & 255)) -+ return (0); -+ - if (s < (value + sizeof(value) - 1)) - { - data ++; diff --git a/print/cups/patches/patch-bc b/print/cups/patches/patch-bc deleted file mode 100644 index 5a5e0c7f15c..00000000000 --- a/print/cups/patches/patch-bc +++ /dev/null @@ -1,31 +0,0 @@ -$NetBSD: patch-bc,v 1.4 2010/06/16 21:15:18 sbd Exp $ - -Incorporate part of str3516.patch from -http://www.cups.org/str.php?L3516 -"Missing malloc checks in texttops" - ---- filter/texttops.c.orig 2008-11-06 16:42:18.000000000 +0000 -+++ filter/texttops.c -@@ -181,8 +181,20 @@ WriteProlog(const char *title, /* I - T - exit(1); - } - -- Page = calloc(sizeof(lchar_t *), SizeLines); -- Page[0] = calloc(sizeof(lchar_t), SizeColumns * SizeLines); -+ if ((Page = calloc(sizeof(lchar_t *), SizeLines)) == NULL) -+ { -+ _cupsLangPrintf(stderr, _("ERROR: Unable to print %dx%d text page!\n"), -+ SizeColumns, SizeLines); -+ exit(1); -+ } -+ -+ if ((Page[0] = calloc(sizeof(lchar_t), SizeColumns * SizeLines)) == NULL) -+ { -+ _cupsLangPrintf(stderr, _("ERROR: Unable to print %dx%d text page!\n"), -+ SizeColumns, SizeLines); -+ exit(1); -+ } -+ - for (i = 1; i < SizeLines; i ++) - Page[i] = Page[0] + i * SizeColumns; - diff --git a/print/cups/patches/patch-bd b/print/cups/patches/patch-bd deleted file mode 100644 index a5672705e00..00000000000 --- a/print/cups/patches/patch-bd +++ /dev/null @@ -1,142 +0,0 @@ -$NetBSD: patch-bd,v 1.5 2010/07/13 10:59:43 sbd Exp $ - -Incorporate str3510.patch from -http://www.cups.org/str.php?L3510 -"cups overwrites files as root in a directory with non-root write permission" - ---- cups/file.c.orig 2009-05-14 21:18:35.000000000 +0000 -+++ cups/file.c -@@ -59,6 +59,7 @@ - */ - - #include "file-private.h" -+#include - - - /* -@@ -69,6 +70,7 @@ - static ssize_t cups_compress(cups_file_t *fp, const char *buf, size_t bytes); - #endif /* HAVE_LIBZ */ - static ssize_t cups_fill(cups_file_t *fp); -+static int cups_open(const char *filename, int mode); - static ssize_t cups_read(cups_file_t *fp, char *buf, size_t bytes); - static ssize_t cups_write(cups_file_t *fp, const char *buf, size_t bytes); - -@@ -827,7 +829,8 @@ cupsFileOpen(const char *filename, /* I - switch (*mode) - { - case 'a' : /* Append file */ -- fd = open(filename, O_RDWR | O_CREAT | O_APPEND | O_LARGEFILE | O_BINARY, 0666); -+ fd = cups_open(filename, -+ O_RDWR | O_CREAT | O_APPEND | O_LARGEFILE | O_BINARY); - break; - - case 'r' : /* Read file */ -@@ -835,7 +838,17 @@ cupsFileOpen(const char *filename, /* I - break; - - case 'w' : /* Write file */ -- fd = open(filename, O_WRONLY | O_TRUNC | O_CREAT | O_LARGEFILE | O_BINARY, 0666); -+ fd = cups_open(filename, O_WRONLY | O_LARGEFILE | O_BINARY); -+ if (fd < 0 && errno == ENOENT) -+ { -+ fd = cups_open(filename, -+ O_WRONLY | O_CREAT | O_EXCL | O_LARGEFILE | O_BINARY); -+ if (fd < 0 && errno == EEXIST) -+ fd = cups_open(filename, O_WRONLY | O_LARGEFILE | O_BINARY); -+ } -+ -+ if (fd >= 0) -+ ftruncate(fd, 0); - break; - - case 's' : /* Read/write socket */ -@@ -2207,6 +2220,88 @@ cups_fill(cups_file_t *fp) /* I - CUPS - return (bytes); - } - -+/* -+ * 'cups_open()' - Safely open a file for writing. -+ * -+ * We don't allow appending to directories or files that are hard-linked or -+ * symlinked. -+ */ -+ -+static int /* O - File descriptor or -1 otherwise */ -+cups_open(const char *filename, /* I - Filename */ -+ int mode) /* I - Open mode */ -+{ -+ int fd; /* File descriptor */ -+ struct stat fileinfo; /* File information */ -+#ifndef WIN32 -+ struct stat linkinfo; /* Link information */ -+#endif /* !WIN32 */ -+ -+ -+ /* -+ * Open the file... -+ */ -+ -+ if ((fd = open(filename, mode, 0666)) < 0) -+ return (-1); -+ -+ /* -+ * Then verify that the file descriptor doesn't point to a directory or hard- -+ * linked file. -+ */ -+ -+ if (fstat(fd, &fileinfo)) -+ { -+ close(fd); -+ return (-1); -+ } -+ -+ if (fileinfo.st_nlink != 1) -+ { -+ close(fd); -+ errno = EPERM; -+ return (-1); -+ } -+ -+ if (S_ISDIR(fileinfo.st_mode)) -+ { -+ close(fd); -+ errno = EISDIR; -+ return (-1); -+ } -+ -+#ifndef WIN32 -+ /* -+ * Then use lstat to determine whether the filename is a symlink... -+ */ -+ -+ if (lstat(filename, &linkinfo)) -+ { -+ close(fd); -+ return (-1); -+ } -+ -+ if (S_ISLNK(linkinfo.st_mode) || -+ fileinfo.st_dev != linkinfo.st_dev || -+ fileinfo.st_ino != linkinfo.st_ino || -+#if defined(__FreeBSD__) || defined(__NetBSD__) || defined(__OpenBSD__) || defined(__APPLE__) || defined(__DragonFly__) -+ fileinfo.st_gen != linkinfo.st_gen || -+#endif -+ fileinfo.st_nlink != linkinfo.st_nlink || -+ fileinfo.st_mode != linkinfo.st_mode) -+ { -+ /* -+ * Yes, don't allow! -+ */ -+ -+ close(fd); -+ errno = EPERM; -+ return (-1); -+ } -+#endif /* !WIN32 */ -+ -+ return (fd); -+} - - /* - * 'cups_read()' - Read from a file descriptor. -- cgit v1.2.3