From c62bd8121a11ca5e2a6d1059ea796264ff2f571d Mon Sep 17 00:00:00 2001 From: roy Date: Fri, 13 Mar 2009 10:11:14 +0000 Subject: Fix postgresql driver to escape strings properly. Fix a tiny pkglint warning. Bump revision. --- mail/dspam/Makefile | 3 ++- mail/dspam/distinfo | 3 ++- mail/dspam/options.mk | 6 +++--- mail/dspam/patches/patch-ae | 40 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 47 insertions(+), 5 deletions(-) create mode 100644 mail/dspam/patches/patch-ae (limited to 'mail/dspam') diff --git a/mail/dspam/Makefile b/mail/dspam/Makefile index 6d25f98f781..2845fde3fa3 100644 --- a/mail/dspam/Makefile +++ b/mail/dspam/Makefile @@ -1,6 +1,7 @@ -# $NetBSD: Makefile,v 1.58 2008/05/26 02:13:21 joerg Exp $ +# $NetBSD: Makefile,v 1.59 2009/03/13 10:11:14 roy Exp $ DISTNAME= dspam-3.8.0 +PKGREVISION= 1 CATEGORIES= mail MASTER_SITES= http://dspam.nuclearelephant.com/sources/ diff --git a/mail/dspam/distinfo b/mail/dspam/distinfo index 1a85f99943c..6223733bea0 100644 --- a/mail/dspam/distinfo +++ b/mail/dspam/distinfo @@ -1,7 +1,8 @@ -$NetBSD: distinfo,v 1.30 2007/05/07 09:29:54 adrianp Exp $ +$NetBSD: distinfo,v 1.31 2009/03/13 10:11:14 roy Exp $ SHA1 (dspam-3.8.0.tar.gz) = d1de7ee2134522adaf52f49167accecf1589fa96 RMD160 (dspam-3.8.0.tar.gz) = e7831e2415e30e819dd9cbc0ba3f269e113e2fb9 Size (dspam-3.8.0.tar.gz) = 726160 bytes SHA1 (patch-aa) = 04e94e3da9de06c15863425d0a827858b5dd4a6c SHA1 (patch-ad) = cfa68c01cb3f5ce0556c7a3b008dc214bdfbbd95 +SHA1 (patch-ae) = 21f450dd67dc2101b44f1a952632b933a3c8a913 diff --git a/mail/dspam/options.mk b/mail/dspam/options.mk index 25cd67bf2fb..5c324f85550 100644 --- a/mail/dspam/options.mk +++ b/mail/dspam/options.mk @@ -1,4 +1,4 @@ -# $NetBSD: options.mk,v 1.22 2008/04/12 22:43:03 jlam Exp $ +# $NetBSD: options.mk,v 1.23 2009/03/13 10:11:14 roy Exp $ .if defined(DSPAM_DELIVERY_AGENT) && !empty(DSPAM_DELIVERY_AGENT:Mcustom) DSPAM_DELIVERY_AGENT:= ${DSPAM_DELIVERY_AGENT_ARGS} @@ -88,9 +88,9 @@ PKG_FAIL_REASON+= "${PKGBASE}: unknown storage driver \\'${DSPAM_STORAGE_DRIVER} .if !empty(DSPAM_STORAGE_DRIVER:Mmysql) || \ !empty(DSPAM_STORAGE_DRIVER:Mpgsql) || \ !empty(DSPAM_STORAGE_DRIVER:Mhash) -. if empty(MACHINE_PLATFORM:MNetBSD-1.*) +. if empty(MACHINE_PLATFORM:MNetBSD-1.*) CONFIGURE_ARGS+= --enable-daemon -. endif +. endif .endif ### diff --git a/mail/dspam/patches/patch-ae b/mail/dspam/patches/patch-ae new file mode 100644 index 00000000000..1b5bfa549eb --- /dev/null +++ b/mail/dspam/patches/patch-ae @@ -0,0 +1,40 @@ +$NetBSD: patch-ae,v 1.1 2009/03/13 10:11:15 roy Exp $ + +Report the correct driver on error. +Escape the binary string correctly using the thread safe PQescapeByteaConn. +Declare the string as being escaped. +Use strlcpy instead of strcpy. + +--- src/pgsql_drv.c 2006-07-29 14:38:48.000000000 +0100 ++++ src/pgsql_drv.c 2009-03-12 23:19:50.000000000 +0000 +@@ -1146,7 +1146,7 @@ + + p = _pgsql_drv_getpwuid (CTX, uid); + if (!p) { +- LOG(LOG_CRIT, "_ds_get_signature(): _mysql_drv_getpwuid(%d) failed: aborting", uid); ++ LOG(LOG_CRIT, "_ds_get_signature(): _pgsql_drv_getpwuid(%d) failed: aborting", uid); + return EFAILURE; + } + username = strdup(p->pw_name); +@@ -1238,10 +1238,10 @@ + return EUNKNOWN; + } + +- mem = PQescapeBytea(SIG->data, SIG->length, &length); ++ mem = PQescapeByteaConn(s->dbh, SIG->data, SIG->length, &length); + + snprintf (scratch, sizeof (scratch), +- "INSERT INTO dspam_signature_data (uid, signature, length, created_on, data) VALUES (%d, '%s', %ld, CURRENT_DATE, '", ++ "INSERT INTO dspam_signature_data (uid, signature, length, created_on, data) VALUES (%d, '%s', %ld, CURRENT_DATE, E'", + (int)p->pw_uid, signature, SIG->length); + buffer_cat (query, scratch); + buffer_cat (query, (const char *) mem); +@@ -1405,7 +1405,7 @@ + virtual_username, + virtual_table); + #else +- strcpy (query, "DECLARE dscursor CURSOR FOR SELECT DISTINCT uid FROM dspam_stats"); ++ strlcpy (query, "DECLARE dscursor CURSOR FOR SELECT DISTINCT uid FROM dspam_stats", sizeof(query)); + #endif + + result = PQexec(s->dbh, query); -- cgit v1.2.3