From 7e3119f98bb5b32aec1a0efdf7beaa4f2f6b8c0e Mon Sep 17 00:00:00 2001 From: tron Date: Sat, 23 May 2009 09:04:01 +0000 Subject: Update "cscope" package to version 15.7a. This version fixes the security vulnerability reported in CVE-2009-0148. --- devel/cscope/Makefile | 6 ++-- devel/cscope/distinfo | 20 +++--------- devel/cscope/patches/patch-ae | 22 ------------- devel/cscope/patches/patch-af | 20 ------------ devel/cscope/patches/patch-ag | 13 -------- devel/cscope/patches/patch-ah | 66 -------------------------------------- devel/cscope/patches/patch-ai | 74 ------------------------------------------- devel/cscope/patches/patch-aj | 25 --------------- devel/cscope/patches/patch-ak | 13 -------- devel/cscope/patches/patch-al | 13 -------- devel/cscope/patches/patch-am | 13 -------- devel/cscope/patches/patch-an | 13 -------- devel/cscope/patches/patch-ao | 13 -------- devel/cscope/patches/patch-ap | 42 ------------------------ 14 files changed, 7 insertions(+), 346 deletions(-) delete mode 100644 devel/cscope/patches/patch-ae delete mode 100644 devel/cscope/patches/patch-af delete mode 100644 devel/cscope/patches/patch-ag delete mode 100644 devel/cscope/patches/patch-ah delete mode 100644 devel/cscope/patches/patch-ai delete mode 100644 devel/cscope/patches/patch-aj delete mode 100644 devel/cscope/patches/patch-ak delete mode 100644 devel/cscope/patches/patch-al delete mode 100644 devel/cscope/patches/patch-am delete mode 100644 devel/cscope/patches/patch-an delete mode 100644 devel/cscope/patches/patch-ao delete mode 100644 devel/cscope/patches/patch-ap (limited to 'devel') diff --git a/devel/cscope/Makefile b/devel/cscope/Makefile index 803ccc3ebf3..3d8ba16a095 100644 --- a/devel/cscope/Makefile +++ b/devel/cscope/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.49 2008/12/17 17:01:15 ghen Exp $ +# $NetBSD: Makefile,v 1.50 2009/05/23 09:04:01 tron Exp $ -DISTNAME= cscope-15.6 -PKGREVISION= 2 +DISTNAME= cscope-15.7a CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=cscope/} +EXTRACT_SUFX= .tar.bz2 MAINTAINER= pkgsrc-users@NetBSD.org HOMEPAGE= http://cscope.sourceforge.net/ diff --git a/devel/cscope/distinfo b/devel/cscope/distinfo index 1a9269178d7..1efb75d4859 100644 --- a/devel/cscope/distinfo +++ b/devel/cscope/distinfo @@ -1,20 +1,8 @@ -$NetBSD: distinfo,v 1.18 2008/12/17 17:01:15 ghen Exp $ +$NetBSD: distinfo,v 1.19 2009/05/23 09:04:01 tron Exp $ -SHA1 (cscope-15.6.tar.gz) = f5f73dca1f223cf6905c09a7f0e8eb993fa5fd93 -RMD160 (cscope-15.6.tar.gz) = b93238d3c91782d032e028abcfde3c2a7491a9c9 -Size (cscope-15.6.tar.gz) = 391223 bytes +SHA1 (cscope-15.7a.tar.bz2) = f6348694e5443769add851f97fd39365e93dc474 +RMD160 (cscope-15.7a.tar.bz2) = 8bc904f636e8e6ea4542738095183475911858f9 +Size (cscope-15.7a.tar.bz2) = 361214 bytes SHA1 (patch-aa) = 40eb37ab0ffdf18830521031b174332bd544f2cb SHA1 (patch-ac) = 40a69af0eb5419de827b490c960803a736040f2c SHA1 (patch-ad) = 83cfd932c20c5860664ebb40ca0d0945da3f2953 -SHA1 (patch-ae) = d02ded0d2fb998450cc725b717f9d60a28191835 -SHA1 (patch-af) = 0cbf2e00612765221b62e57450f41bc69e760687 -SHA1 (patch-ag) = 332297168be35b8448a8f4ee7750698bfebcb726 -SHA1 (patch-ah) = a79523d1a7d685eab31f06085547f91a2fbb01ff -SHA1 (patch-ai) = 17b4d1be4303b858916f2d01446df4e5a142d08f -SHA1 (patch-aj) = 57a2a0060672ee145f0f55fefd72673cbfbf6b25 -SHA1 (patch-ak) = 74d5395066642792ec3d5ee611b21a7075757ab9 -SHA1 (patch-al) = 76a3a65fe80c7acf7cdf7f78bd4959f102ffdc72 -SHA1 (patch-am) = 2c08e2ccf22b3a3852c52d5177c7a08d206c1cdf -SHA1 (patch-an) = cef8d1d31a417125c516df403dce228ac92a307c -SHA1 (patch-ao) = 05ae43171f04320dc1a213510b0906d3387cf35f -SHA1 (patch-ap) = 6266006b14ac6f0a8063439e9f4521443948665a diff --git a/devel/cscope/patches/patch-ae b/devel/cscope/patches/patch-ae deleted file mode 100644 index d0617df3b56..00000000000 --- a/devel/cscope/patches/patch-ae +++ /dev/null @@ -1,22 +0,0 @@ -$NetBSD: patch-ae,v 1.10 2007/01/06 22:45:49 wiz Exp $ - ---- src/build.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/build.c -@@ -223,7 +223,7 @@ build(void) - if (strcmp(currentdir, home) == 0) { - strcpy(newdir, "$HOME"); - } else if (strncmp(currentdir, home, strlen(home)) == 0) { -- sprintf(newdir, "$HOME%s", currentdir + strlen(home)); -+ snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home)); - } - /* sort the source file names (needed for rebuilding) */ - qsort(srcfiles, nsrcfiles, sizeof(char *), compare); -@@ -454,7 +454,7 @@ cscope: converting to new symbol databas - } - fstat(fileno(postings), &statstruct); - fclose(postings); -- sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1); -+ snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1); - if ((postings = mypopen(sortcommand, "r")) == NULL) { - fprintf(stderr, "cscope: cannot open pipe to sort command\n"); - cannotindex(); diff --git a/devel/cscope/patches/patch-af b/devel/cscope/patches/patch-af deleted file mode 100644 index 890d110192e..00000000000 --- a/devel/cscope/patches/patch-af +++ /dev/null @@ -1,20 +0,0 @@ -$NetBSD: patch-af,v 1.9 2007/01/06 22:45:49 wiz Exp $ - ---- src/main.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/main.c -@@ -389,12 +389,12 @@ cscope: Could not create private temp di - * used instead of failing to open a non-existant database in - * the home directory - */ -- sprintf(path, "%s/%s", home, reffile); -+ snprintf(path, sizeof(path), "%s/%s", home, reffile); - if (isuptodate == NO || access(path, READ) == 0) { - reffile = my_strdup(path); -- sprintf(path, "%s/%s", home, invname); -+ snprintf(path, sizeof(path), "%s/%s", home, invname); - invname = my_strdup(path); -- sprintf(path, "%s/%s", home, invpost); -+ snprintf(path, sizeof(path), "%s/%s", home, invpost); - invpost = my_strdup(path); - } - } diff --git a/devel/cscope/patches/patch-ag b/devel/cscope/patches/patch-ag deleted file mode 100644 index 1822162abcd..00000000000 --- a/devel/cscope/patches/patch-ag +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ag,v 1.6 2007/01/06 22:45:49 wiz Exp $ - ---- src/command.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/command.c -@@ -739,7 +739,7 @@ changestring(void) - - /* make sure it can be changed */ - if (access(newfile, WRITE) != 0) { -- sprintf(msg, "Cannot write to file %s", newfile); -+ snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile); - postmsg(msg); - anymarked = NO; - break; diff --git a/devel/cscope/patches/patch-ah b/devel/cscope/patches/patch-ah deleted file mode 100644 index bb9af11cfd1..00000000000 --- a/devel/cscope/patches/patch-ah +++ /dev/null @@ -1,66 +0,0 @@ -$NetBSD: patch-ah,v 1.7 2007/01/20 23:39:44 wiz Exp $ - ---- src/dir.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/dir.c -@@ -139,7 +139,7 @@ sourcedir(char *dirlist) - - /* compute its path from higher view path source dirs */ - for (i = 1; i < nvpsrcdirs; ++i) { -- sprintf(path, "%.*s/%s", -+ snprintf(path, sizeof(path), "%.*s/%s", - PATHLEN - 2 - dir_len, - srcdirs[i], dir); - addsrcdir(path); -@@ -207,7 +207,7 @@ includedir(char *dirlist) - - /* compute its path from higher view path source dirs */ - for (i = 1; i < nvpsrcdirs; ++i) { -- sprintf(path, "%.*s/%s", -+ snprintf(path, sizeof(path), "%.*s/%s", - PATHLEN - 2 - dir_len, - srcdirs[i], dir); - addincdir(dir, path); -@@ -482,8 +482,6 @@ scan_dir(const char *adir, BOOL recurse_ - DIR *dirfile; - int adir_len = strlen(adir); - -- /* FIXME: no guards against adir_len > PATHLEN, yet */ -- - if ((dirfile = opendir(adir)) != NULL) { - struct dirent *entry; - char path[PATHLEN + 1]; -@@ -494,7 +492,7 @@ scan_dir(const char *adir, BOOL recurse_ - && (strcmp("..",entry->d_name) != 0)) { - struct stat buf; - -- sprintf(path,"%s/%.*s", adir, -+ snprintf(path, sizeof(path), "%s/%.*s", adir, - PATHLEN - 2 - adir_len, - entry->d_name); - -@@ -604,14 +602,14 @@ incfile(char *file, char *type) - /* search for the file in the #include directory list */ - for (i = 0; i < nincdirs; ++i) { - /* don't include the file from two directories */ -- sprintf(name, "%.*s/%s", -+ snprintf(name, sizeof(name), "%.*s/%s", - PATHLEN - 2 - file_len, incnames[i], - file); - if (infilelist(name) == YES) { - break; - } - /* make sure it exists and is readable */ -- sprintf(path, "%.*s/%s", -+ snprintf(path, sizeof(path), "%.*s/%s", - PATHLEN - 2 - file_len, incdirs[i], - file); - if (access(compath(path), READ) == 0) { -@@ -659,7 +657,7 @@ inviewpath(char *file) - - /* compute its path from higher view path source dirs */ - for (i = 1; i < nvpsrcdirs; ++i) { -- sprintf(path, "%.*s/%s", -+ snprintf(path, sizeof(path), "%.*s/%s", - PATHLEN - 2 - file_len, srcdirs[i], - file); - if (access(compath(path), READ) == 0) { diff --git a/devel/cscope/patches/patch-ai b/devel/cscope/patches/patch-ai deleted file mode 100644 index d2f1f2e4724..00000000000 --- a/devel/cscope/patches/patch-ai +++ /dev/null @@ -1,74 +0,0 @@ -$NetBSD: patch-ai,v 1.6 2007/01/06 22:45:49 wiz Exp $ - ---- src/display.c.orig 2006-09-30 08:13:00.000000000 +0000 -+++ src/display.c -@@ -478,21 +478,25 @@ search(void) - /* see if it is empty */ - if ((c = getc(refsfound)) == EOF) { - if (findresult != NULL) { -- (void) sprintf(lastmsg, "Egrep %s in this pattern: %s", -- findresult, Pattern); -- } else if (rc == NOTSYMBOL) { -- (void) sprintf(lastmsg, "This is not a C symbol: %s", -- Pattern); -- } else if (rc == REGCMPERROR) { -- (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s", -- Pattern); -+ (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s", -+ findresult, Pattern); -+ } -+ else if (rc == NOTSYMBOL) { -+ (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s", -+ Pattern); -+ } -+ else if (rc == REGCMPERROR) { -+ (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s", -+ Pattern); - -- } else if (funcexist == NO) { -- (void) sprintf(lastmsg, "Function definition does not exist: %s", -- Pattern); -- } else { -- (void) sprintf(lastmsg, "Could not find the %s: %s", -- fields[field].text2, Pattern); -+ } -+ else if (funcexist == NO) { -+ (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s", -+ Pattern); -+ } -+ else { -+ (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s", -+ fields[field].text2, Pattern); - } - return(NO); - } -@@ -527,17 +531,17 @@ progress(char *what, long current, long - move(MSGLINE, 0); - clrtoeol(); - addstr(what); -- sprintf(msg, "%ld", current); -+ snprintf(msg, sizeof(msg), "%ld", current); - move(MSGLINE, (COLS / 2) - (strlen(msg) / 2)); - addstr(msg); -- sprintf(msg, "%ld", max); -+ snprintf(msg, sizeof(msg), "%ld", max); - move(MSGLINE, COLS - strlen(msg)); - addstr(msg); - refresh(); - } - else if (verbosemode == YES) - { -- sprintf(msg, "> %s %ld of %ld", what, current, max); -+ snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max); - } - - start = now; -@@ -575,7 +579,7 @@ myperror(char *text) - s = sys_errlist[errno]; - } - #endif -- (void) sprintf(msg, "%s: %s", text, s); -+ (void) snprintf(msg, sizeof(msg), "%s: %s", text, s); - postmsg(msg); - } - diff --git a/devel/cscope/patches/patch-aj b/devel/cscope/patches/patch-aj deleted file mode 100644 index 62bfdb92630..00000000000 --- a/devel/cscope/patches/patch-aj +++ /dev/null @@ -1,25 +0,0 @@ -$NetBSD: patch-aj,v 1.4 2007/01/06 22:45:49 wiz Exp $ - ---- src/edit.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/edit.c -@@ -105,9 +105,9 @@ edit(char *file, char *linenum) - char *s; - - file = filepath(file); -- (void) sprintf(msg, "%s +%s %s", mybasename(editor), linenum, file); -+ (void) snprintf(msg, sizeof(msg), "%s +%s %s", mybasename(editor), linenum, file); - postmsg(msg); -- (void) sprintf(plusnum, lineflag, linenum); -+ (void) snprintf(plusnum, sizeof(plusnum), lineflag, linenum); - /* if this is the more or page commands */ - if (strcmp(s = mybasename(editor), "more") == 0 || strcmp(s, "page") == 0) { - -@@ -132,7 +132,7 @@ filepath(char *file) - static char path[PATHLEN + 1]; - - if (prependpath != NULL && *file != '/') { -- (void) sprintf(path, "%s/%s", prependpath, file); -+ (void) snprintf(path, sizeof(path), "%s/%s", prependpath, file); - file = path; - } - return(file); diff --git a/devel/cscope/patches/patch-ak b/devel/cscope/patches/patch-ak deleted file mode 100644 index a558b6e11e0..00000000000 --- a/devel/cscope/patches/patch-ak +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ak,v 1.3 2007/01/06 22:45:49 wiz Exp $ - ---- src/exec.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/exec.c -@@ -123,7 +123,7 @@ myexecvp(char *a, char **args) - - /* execute the program or shell script */ - execvp(a, args); /* returns only on failure */ -- sprintf(msg, "\nCannot exec %s", a); -+ (void) sprintf(msg, sizeof(msg), "\nCannot exec %s", a); - perror(msg); /* display the reason */ - askforreturn(); /* wait until the user sees the message */ - myexit(1); /* exit the child */ diff --git a/devel/cscope/patches/patch-al b/devel/cscope/patches/patch-al deleted file mode 100644 index e598a731be0..00000000000 --- a/devel/cscope/patches/patch-al +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-al,v 1.3 2007/01/06 22:45:49 wiz Exp $ - ---- src/find.c.orig 2006-09-30 10:13:00.000000000 +0200 -+++ src/find.c -@@ -673,7 +673,7 @@ findinit(char *pattern) - /* must be an exact match */ - /* note: regcomp doesn't recognize ^*keypad$ as a syntax error - unless it is given as a single arg */ -- (void) sprintf(buf, "^%s$", s); -+ (void) snprintf(buf, sizeof(buf), "^%s$", s); - if (regcomp (®exp, buf, REG_EXTENDED | REG_NOSUB) != 0) { - return(REGCMPERROR); - } diff --git a/devel/cscope/patches/patch-am b/devel/cscope/patches/patch-am deleted file mode 100644 index 3200b0dd1ba..00000000000 --- a/devel/cscope/patches/patch-am +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-am,v 1.2 2006/05/29 13:51:20 tron Exp $ - ---- src/vpaccess.c.orig 2001-07-18 14:49:02.000000000 +0100 -+++ src/vpaccess.c 2006-05-29 14:34:26.000000000 +0100 -@@ -49,7 +49,7 @@ - if ((returncode = access(path, amode)) == -1 && path[0] != '/') { - vpinit(NULL); - for (i = 1; i < vpndirs; i++) { -- (void) sprintf(buf, "%s/%s", vpdirs[i], path); -+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path); - if ((returncode = access(buf, amode)) != -1) { - break; - } diff --git a/devel/cscope/patches/patch-an b/devel/cscope/patches/patch-an deleted file mode 100644 index 64c5df9b974..00000000000 --- a/devel/cscope/patches/patch-an +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-an,v 1.2 2006/05/29 13:51:20 tron Exp $ - ---- src/vpfopen.c.orig 2001-07-18 14:49:02.000000000 +0100 -+++ src/vpfopen.c 2006-05-29 14:34:26.000000000 +0100 -@@ -53,7 +53,7 @@ - ) { - vpinit(NULL); - for (i = 1; i < vpndirs; i++) { -- (void) sprintf(buf, "%s/%s", vpdirs[i], filename); -+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], filename); - if ((returncode = myfopen(buf, type)) != NULL) { - break; - } diff --git a/devel/cscope/patches/patch-ao b/devel/cscope/patches/patch-ao deleted file mode 100644 index 7ff7668f17f..00000000000 --- a/devel/cscope/patches/patch-ao +++ /dev/null @@ -1,13 +0,0 @@ -$NetBSD: patch-ao,v 1.2 2006/05/29 13:51:20 tron Exp $ - ---- src/vpopen.c.orig 2002-07-29 13:37:50.000000000 +0100 -+++ src/vpopen.c 2006-05-29 14:34:26.000000000 +0100 -@@ -52,7 +52,7 @@ - oflag == OPENFLAG_READ) { - vpinit(NULL); - for (i = 1; i < vpndirs; i++) { -- (void) sprintf(buf, "%s/%s", vpdirs[i], path); -+ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path); - if ((returncode = myopen(buf, oflag, 0666)) != -1) { - break; - } diff --git a/devel/cscope/patches/patch-ap b/devel/cscope/patches/patch-ap deleted file mode 100644 index 0237f5cb791..00000000000 --- a/devel/cscope/patches/patch-ap +++ /dev/null @@ -1,42 +0,0 @@ -$NetBSD: patch-ap,v 1.3 2008/12/17 17:01:15 ghen Exp $ - ---- src/main.c.orig 2008-12-17 11:50:30.000000000 +0100 -+++ src/main.c 2008-12-17 11:50:45.000000000 +0100 -@@ -128,7 +128,8 @@ - (void) sig; - (void) info; - (void) unused; -- ungetch(KEY_RESIZE); -+ if (incurses == YES) -+ ungetch(KEY_RESIZE); - } - #endif - -@@ -153,12 +154,7 @@ - yyout = stdout; - /* save the command name for messages */ - argv0 = argv[0]; --#if defined(KEY_RESIZE) && !defined(__DJGPP__) -- winch_action.sa_sigaction = sigwinch_handler; -- sigemptyset(&winch_action.sa_mask); -- winch_action.sa_flags = SA_SIGINFO; -- sigaction(SIGWINCH,&winch_action,NULL); --#endif -+ - /* set the options */ - while (--argc > 0 && (*++argv)[0] == '-') { - /* HBB 20030814: add GNU-style --help and --version options */ -@@ -403,6 +399,13 @@ - signal(SIGINT, SIG_IGN); /* ignore interrupts */ - signal(SIGPIPE, SIG_IGN);/* | command can cause pipe signal */ - -+#if defined(KEY_RESIZE) && !defined(__DJGPP__) -+ winch_action.sa_sigaction = sigwinch_handler; -+ sigemptyset(&winch_action.sa_mask); -+ winch_action.sa_flags = SA_SIGINFO; -+ sigaction(SIGWINCH,&winch_action,NULL); -+#endif -+ - /* initialize the curses display package */ - initscr(); /* initialize the screen */ - entercurses(); -- cgit v1.2.3