From 2190f786de92b1c875a22e46d015159a126e67be Mon Sep 17 00:00:00 2001 From: wiz Date: Fri, 21 Jan 2005 14:42:10 +0000 Subject: Add two patches from RedHat, fixing CAN-2004-0947 and CAN-2004-1027. Bump PKGREVISION. --- archivers/unarj/Makefile | 3 +- archivers/unarj/distinfo | 6 ++- archivers/unarj/files/Makefile | 4 +- archivers/unarj/patches/patch-ab | 86 ++++++++++++++++++++++++++++++++++++++++ archivers/unarj/patches/patch-ad | 58 +++++++++++++++++++++++++++ 5 files changed, 153 insertions(+), 4 deletions(-) create mode 100644 archivers/unarj/patches/patch-ab create mode 100644 archivers/unarj/patches/patch-ad (limited to 'archivers') diff --git a/archivers/unarj/Makefile b/archivers/unarj/Makefile index 51be92d024f..acaeb449abf 100644 --- a/archivers/unarj/Makefile +++ b/archivers/unarj/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.18 2005/01/21 14:30:05 wiz Exp $ +# $NetBSD: Makefile,v 1.19 2005/01/21 14:42:10 wiz Exp $ DISTNAME= unarj-2.65 +PKGREVISION= 1 CATEGORIES= archivers MASTER_SITES= # diff --git a/archivers/unarj/distinfo b/archivers/unarj/distinfo index 43928e167f3..92a9a5546a6 100644 --- a/archivers/unarj/distinfo +++ b/archivers/unarj/distinfo @@ -1,6 +1,8 @@ -$NetBSD: distinfo,v 1.3 2005/01/21 14:30:05 wiz Exp $ +$NetBSD: distinfo,v 1.4 2005/01/21 14:42:10 wiz Exp $ SHA1 (unarj-2.65.tar.gz) = 56843e95e6b6ac7577dfdfbfee5af166b5e2c74f Size (unarj-2.65.tar.gz) = 74911 bytes -SHA1 (patch-aa) = d864780eb564e8035379b06f20b5c8a8e19d5f83 +SHA1 (patch-aa) = 2029b106a498624902639897ae539fd54a0d1052 +SHA1 (patch-ab) = 15216bc07298ce0956bfbadfaae763622ee88a0c SHA1 (patch-ac) = 59245f61d731e2fd6dc101fefe0f62db0c55b55e +SHA1 (patch-ad) = 46c469ade1a20da7e3ac633652e4ec926ba2b08f diff --git a/archivers/unarj/files/Makefile b/archivers/unarj/files/Makefile index 76046e9a610..e59225eee30 100644 --- a/archivers/unarj/files/Makefile +++ b/archivers/unarj/files/Makefile 
@@ -9,7 +9,9 @@ environ.o: environ.c unarj.h decode.o: decode.c unarj.h -OBJS = unarj.o decode.o environ.o +sanitize.o: sanitize.c unarj.h + +OBJS = unarj.o decode.o environ.o sanitize.o unarj: $(OBJS) $(CC) $(LDFLAGS) $(OBJS) -o unarj diff --git a/archivers/unarj/patches/patch-ab b/archivers/unarj/patches/patch-ab new file mode 100644 index 00000000000..3fdf8e5aa3d --- /dev/null +++ b/archivers/unarj/patches/patch-ab @@ -0,0 +1,86 @@ +$NetBSD: patch-ab,v 1.4 2005/01/21 14:42:10 wiz Exp $ + +--- sanitize.c.orig 2005-01-21 15:34:42.000000000 +0100 ++++ sanitize.c +@@ -0,0 +1,81 @@ ++/* ++ * Path sanitation code by Ludwig Nussel . Public Domain. ++ */ ++ ++#include "unarj.h" ++ ++#include ++#include ++#include ++ ++#ifndef PATH_CHAR ++#define PATH_CHAR '/' ++#endif ++#ifndef MIN ++#define MIN(x,y) ((x)<(y)?(x):(y)) ++#endif ++ ++/* copy src into dest converting the path to a relative one inside the current ++ * directory. dest must hold at least len bytes */ ++void copy_path_relative(char *dest, char *src, size_t len) ++{ ++ char* o = dest; ++ char* p = src; ++ ++ *o = '\0'; ++ ++ while(*p && *p == PATH_CHAR) ++p; ++ for(; len && *p;) ++ { ++ src = p; ++ p = strchr(src, PATH_CHAR); ++ if(!p) p = src+strlen(src); ++ ++ /* . => skip */ ++ if(p-src == 1 && *src == '.' ) ++ { ++ if(*p) src = ++p; ++ } ++ /* .. => pop one */ ++ else if(p-src == 2 && *src == '.' && src[1] == '.') ++ { ++ if(o != dest) ++ { ++ char* tmp; ++ *o = '\0'; ++ tmp = strrchr(dest, PATH_CHAR); ++ if(!tmp) ++ { ++ len += o-dest; ++ o = dest; ++ if(*p) ++p; ++ } ++ else ++ { ++ len += o-tmp; ++ o = tmp; ++ if(*p) ++p; ++ } ++ } ++ else /* nothing to pop */ ++ if(*p) ++p; ++ } ++ else ++ { ++ size_t copy; ++ if(o != dest) ++ { ++ --len; ++ *o++ = PATH_CHAR; ++ } ++ copy = MIN(p-src,len); ++ memcpy(o, src, copy); ++ len -= copy; ++ src += copy; ++ o += copy; ++ if(*p) ++p; ++ } ++ while(*p && *p == PATH_CHAR) ++p; ++ } ++ o[len?0:-1] = '\0'; ++} 
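Review bot: copy_path_relative writes outside `dest` when it is called with `len == 0`: the opening `*o = '\0';` stores into a buffer that has no room, and the closing `o[len?0:-1] = '\0';` then writes `dest[-1]`. The two call sites added in patch-ad appear to pass non-zero sizes, but the header comment promises only that dest holds at least len bytes, so add `if (len == 0) return;` ahead of `*o = '\0';`. The comment should also state that an over-long path is truncated without any signal, and that the result is an empty string when every component is `.`, `..` or a separator, so callers know to check for both.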
diff --git a/archivers/unarj/patches/patch-ad b/archivers/unarj/patches/patch-ad
new file mode 100644
index 00000000000..69c865c0b9b
--- /dev/null
+++ b/archivers/unarj/patches/patch-ad
@@ -0,0 +1,58 @@
+$NetBSD: patch-ad,v 1.1 2005/01/21 14:42:10 wiz Exp $
+
+--- unarj.c.orig 2002-06-05 12:28:06.000000000 +0200
++++ unarj.c
+@@ -213,7 +213,7 @@ static uchar arj_flags;
+ static short method;
+ static uint file_mode;
+ static ulong time_stamp;
+-static short entry_pos;
++static ushort entry_pos;
+ static ushort host_data;
+ static uchar *get_ptr;
+ static UCRC file_crc;
+@@ -231,6 +231,8 @@ static UCRC crctable[UCHAR_MAX + 1];
+
+ /* Functions */
+
++void copy_path_relative(char *dest, char *src, size_t len);
++
+ static void
+ make_crctable()
+ {
+@@ -604,6 +606,7 @@ char *name;
+ error(M_BADHEADR, "");
+
+ crc = CRC_MASK;
++ memset(header, 0, sizeof(header));
+ fread_crc(header, (int) headersize, fd);
+ header_crc = fget_crc(fd);
+ if ((crc ^ CRC_MASK) != header_crc)
+@@ -628,9 +631,13 @@ char *name;
+
+ if (origsize < 0 || compsize < 0)
+ error(M_HEADRCRC, "");
++ if(first_hdr_size > headersize-2) /* need two \0 for file and comment */
++ error(M_BADHEADR, "");
+
+ hdr_filename = (char *)&header[first_hdr_size];
+ strncopy(filename, hdr_filename, sizeof(filename));
++ if(entry_pos >= strlen(filename))
++ error(M_BADHEADR, "");
+ if (host_os != OS)
+ strparity((uchar *)filename);
+ if ((arj_flags & PATHSYM_FLAG) != 0)
+@@ -727,11 +734,11 @@ extract()
+
+ no_output = 0;
+ if (command == 'E')
+- strcpy(name, &filename[entry_pos]);
++ copy_path_relative(name, &filename[entry_pos], sizeof(name));
+ else
+ {
+ strcpy(name, DEFAULT_DIR);
+- strcat(name, filename);
++ copy_path_relative(name+strlen(name), filename, sizeof(name)-strlen(name));
+ }
+
+ if (host_os != OS)
-- cgit v1.2.3
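Review bot: The new `first_hdr_size > headersize-2` test in the header-reading function only proves that two bytes exist after the fixed header; it does not prove that the filename and comment are NUL-terminated inside the bytes that were read. Termination then rests on the `memset(header, 0, sizeof(header))` zero fill, which helps only while `headersize` is smaller than the buffer; the earlier limit check on `headersize` and the declaration of `header` are outside the hunk, so whether equality is allowed should be confirmed. An explicit check would make this independent of the fill, e.g. `if (memchr(&header[first_hdr_size], '\0', headersize - first_hdr_size) == NULL) error(M_BADHEADR, "");` before `hdr_filename` is used, and the same for the comment that follows it. The prototype for copy_path_relative would also be better placed in unarj.h, which sanitize.c already includes, so the compiler checks the definition against it.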