pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/mail/evolution apply a patch from evolution CVS:



details:   https://anonhg.NetBSD.org/pkgsrc/rev/47d703b2d43e
branches:  trunk
changeset: 488188:47d703b2d43e
user:      drochner <drochner%pkgsrc.org@localhost>
date:      Tue Jan 25 15:23:46 2005 +0000

description:
apply a patch from evolution CVS:
2005-01-20  Not Zed  <NotZed%Ximian.com@localhost>
* camel-lock-helper.c (main): since malloc(MAXINT+1) returns a
  valid pointer, validate the length of the path before using it.
  set maximum path to 65000 characters.  Spotted by Max Vozeler
    <max%hinterhof.net@localhost>

This fixes the security vulnerability referred to as CAN-2005-0102.
bump PKGREVISION

diffstat:

 mail/evolution/Makefile         |   3 ++-
 mail/evolution/distinfo         |   3 ++-
 mail/evolution/patches/patch-ad |  16 ++++++++++++++++
 3 files changed, 20 insertions(+), 2 deletions(-)

diffs (45 lines):

diff -r 6053eb133446 -r 47d703b2d43e mail/evolution/Makefile
--- a/mail/evolution/Makefile   Tue Jan 25 14:56:41 2005 +0000
+++ b/mail/evolution/Makefile   Tue Jan 25 15:23:46 2005 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.72 2004/12/28 22:01:25 jmmv Exp $
+# $NetBSD: Makefile,v 1.73 2005/01/25 15:23:46 drochner Exp $
 
 DISTNAME=              evolution-2.0.3
+PKGREVISION=           1
 CATEGORIES=            mail time gnome
 MASTER_SITES=          ${MASTER_SITE_GNOME:=sources/evolution/2.0/}
 EXTRACT_SUFX=          .tar.bz2
diff -r 6053eb133446 -r 47d703b2d43e mail/evolution/distinfo
--- a/mail/evolution/distinfo   Tue Jan 25 14:56:41 2005 +0000
+++ b/mail/evolution/distinfo   Tue Jan 25 15:23:46 2005 +0000
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.32 2005/01/17 08:46:34 jmmv Exp $
+$NetBSD: distinfo,v 1.33 2005/01/25 15:23:46 drochner Exp $
 
 SHA1 (evolution-2.0.3.tar.bz2) = 059253acd24648b841c6fc24e376c475b2598b6d
 Size (evolution-2.0.3.tar.bz2) = 15381448 bytes
 SHA1 (patch-aa) = a89da54c40813c07af76dd98f876dd2e979c2554
 SHA1 (patch-ab) = 871a322eefd1a42e7197da764d49cd1d24f6535d
 SHA1 (patch-ac) = 5150f3163e7307e03ed82757e1d31a54310feae3
+SHA1 (patch-ad) = 32b3b688033518602cd91888e5239b78558f1558
diff -r 6053eb133446 -r 47d703b2d43e mail/evolution/patches/patch-ad
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/evolution/patches/patch-ad   Tue Jan 25 15:23:46 2005 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-ad,v 1.6 2005/01/25 15:23:46 drochner Exp $
+
+--- camel/camel-lock-helper.c.orig     2005-01-25 15:34:38.000000000 +0100
++++ camel/camel-lock-helper.c
+@@ -360,8 +360,9 @@ int main(int argc, char **argv)
+                       switch(msg.id) {
+                       case CAMEL_LOCK_HELPER_LOCK:
+                               res = CAMEL_LOCK_HELPER_STATUS_NOMEM;
+-                              path = malloc(msg.data+1);
+-                              if (path != NULL) {
++                              if (msg.data > 0xffff) {
++                                      res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
++                              } else if ((path = malloc(msg.data+1)) != NULL) {
+                                       res = CAMEL_LOCK_HELPER_STATUS_PROTOCOL;
+                                       len = read_n(STDIN_FILENO, path, msg.data);
+                                       if (len == msg.data) {
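
Review bot: the bound in the added check `if (msg.data > 0xffff)` is 65535, while the ChangeLog entry in the commit description says the maximum path is set to 65000 characters; the code and the changelog should agree, ideally through a named constant rather than a bare literal. The check is also only an upper bound: the declaration of msg.data is not visible in this hunk, and if it is a signed type, a negative length passes `> 0xffff` and still reaches `malloc(msg.data+1)` and `read_n(STDIN_FILENO, path, msg.data)`, so it is worth confirming the field is unsigned or adding a lower-bound test. A short comment above the check stating why the length is capped before the allocation would help later readers.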


