pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/archivers/arj Add patches from Debian to fix some inst...
details: https://anonhg.NetBSD.org/pkgsrc/rev/a92b7de4fc13
branches: trunk
changeset: 649914:a92b7de4fc13
user: tnn <tnn%pkgsrc.org@localhost>
date: Sun Apr 12 16:09:27 2015 +0000
description:
Add patches from Debian to fix some instances of possibly unsafe
format string usage. Bump PKGREVISION.
diffstat:
archivers/arj/Makefile | 4 +-
archivers/arj/distinfo | 8 +-
archivers/arj/patches/patch-arj__user.c | 15 +++
archivers/arj/patches/patch-arjdisp.c | 137 ++++++++++++++++++++++++++++++++
archivers/arj/patches/patch-arjsfx.c | 15 +++
archivers/arj/patches/patch-fardata.c | 43 +++++++++-
archivers/arj/patches/patch-register.c | 15 +++
7 files changed, 231 insertions(+), 6 deletions(-)
diffs (297 lines):
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/Makefile
--- a/archivers/arj/Makefile Sun Apr 12 15:56:08 2015 +0000
+++ b/archivers/arj/Makefile Sun Apr 12 16:09:27 2015 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.29 2015/02/26 16:05:11 tnn Exp $
+# $NetBSD: Makefile,v 1.30 2015/04/12 16:09:27 tnn Exp $
DISTNAME= arj-3.10.22
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= archivers
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=arj/}
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/distinfo
--- a/archivers/arj/distinfo Sun Apr 12 15:56:08 2015 +0000
+++ b/archivers/arj/distinfo Sun Apr 12 16:09:27 2015 +0000
@@ -1,15 +1,19 @@
-$NetBSD: distinfo,v 1.19 2015/04/12 15:56:08 tnn Exp $
+$NetBSD: distinfo,v 1.20 2015/04/12 16:09:27 tnn Exp $
SHA1 (arj-3.10.22.tar.gz) = e8470f480e9eee14906e5485a8898e5c24738c8b
RMD160 (arj-3.10.22.tar.gz) = 80f8a1a8cd203f73def8e957d96563a4dba80153
Size (arj-3.10.22.tar.gz) = 431467 bytes
+SHA1 (patch-arj__user.c) = 011e5deaa24c696b212beadad7d386ccb3c7112d
SHA1 (patch-arjdata.c) = 4e4c142b97feee0673b14ea6f454f3d9de45f584
+SHA1 (patch-arjdisp.c) = d843d4dd1006ea30e8bb3a2acddbc2f0ac221abd
+SHA1 (patch-arjsfx.c) = c9e2314d0933cdc12f8e01ca16bc9222ac4e10b9
SHA1 (patch-decode.c) = 15c31c3bf1303370691b701a98bad88ae1b0967b
SHA1 (patch-environ.c) = e306005a88825b2bfd5b3bb35b18710d26a4c885
SHA1 (patch-exe__sear.c) = 6d8db5a2cdb8f2452b96cf4d09687ae9d45d3e17
-SHA1 (patch-fardata.c) = 341a8d10ec1927b9cb980c90400e323cd53f979d
+SHA1 (patch-fardata.c) = b76ac5a168b9a8e288a610dce093280d31520af6
SHA1 (patch-gnu_config.h.in) = 2cf609a6c7cb4e32441a433db3dc9cc04c23ae2a
SHA1 (patch-gnu_configure.in) = 062f3dc1eee6f009dfdfa432bb3c138a9c28a829
SHA1 (patch-gnu_makefile.in) = db8a0afa61f49242e9fd601d5fc3167cf75f748b
SHA1 (patch-integr.c) = fade32219b21ac3382028bf23ee4171d8d095b5f
+SHA1 (patch-register.c) = 8d81e663b499a45f7faa52b16a6cee47394cd09c
SHA1 (patch-uxspec.c) = 24a22fa2822704e620b38df12b76ef88fe908863
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/patches/patch-arj__user.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/arj/patches/patch-arj__user.c Sun Apr 12 16:09:27 2015 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-arj__user.c,v 1.1 2015/04/12 16:09:27 tnn Exp $
+
+Add patch from Debian (security_format.patch) to fix unsafe format string usage.
+
+--- arj_user.c.orig 2004-06-18 16:19:36.000000000 +0000
++++ arj_user.c
+@@ -2303,7 +2303,7 @@ void process_archive()
+ timestamp_to_str(timetext, &ftime_stamp);
+ msg_cprintf(H_HL|H_NFMT, M_ARCHIVE_CREATED, timetext);
+ if(show_ansi_comments)
+- printf(cmt_ptr);
++ fputs(cmt_ptr, stdout);
+ else
+ display_comment(cmt_ptr);
+ /* The sfx_setup() occurs here */
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/patches/patch-arjdisp.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/arj/patches/patch-arjdisp.c Sun Apr 12 16:09:27 2015 +0000
@@ -0,0 +1,137 @@
+$NetBSD: patch-arjdisp.c,v 1.1 2015/04/12 16:09:27 tnn Exp $
+
+Add patch from Debian (security_format.patch) to fix unsafe format string usage.
+
+--- arjdisp.c.orig 2003-06-22 11:12:28.000000000 +0000
++++ arjdisp.c
+@@ -20,8 +20,6 @@ static long bytes;
+ static long compsize;
+ static char cmd_verb;
+ static char msg_lf[]="\n";
+-char strform[]="%s"; /* Export it for scrnio.c, too
+- (a byte saved is a byte gained) */
+
+ /* Pseudographical controls */
+
+@@ -54,19 +52,19 @@ static void show_init_scrn()
+ textcolor(7);
+ clrscr();
+ gotoxy(2, 2);
+- scrprintf(win_top);
++ fputs(win_top, stdout);
+ for(i=3; i<24; i++)
+ {
+- gotoxy(2, i); scrprintf(win_border);
+- gotoxy(79, i); scrprintf(win_border);
++ gotoxy(2, i); fputs(win_border, stdout);
++ gotoxy(79, i); fputs(win_border, stdout);
+ }
+- gotoxy(2, 24); scrprintf(win_bottom);
++ gotoxy(2, 24); fputs(win_bottom, stdout);
+ gotoxy(10, 5);
+- scrprintf(M_ARJDISP_COPYRIGHT);
++ fputs(M_ARJDISP_COPYRIGHT, stdout);
+ gotoxy(10, 6);
+- scrprintf(M_ARJDISP_DISTRIBUTION);
++ fputs(M_ARJDISP_DISTRIBUTION, stdout);
+ gotoxy(10, 7);
+- scrprintf(M_ARJDISP_LICENSE);
++ fputs(M_ARJDISP_LICENSE, stdout);
+ gotoxy(16, 10);
+ scrprintf(M_PROCESSING_ARCHIVE, archive_name);
+ t=strtok(M_ARJDISP_INFO, msg_lf);
+@@ -74,11 +72,11 @@ static void show_init_scrn()
+ while(t!=NULL&&i<=23)
+ {
+ gotoxy(10, i++);
+- scrprintf(strform, t);
++ scrprintf("%s", t);
+ t=strtok(NULL, msg_lf);
+ }
+ gotoxy(16, 20);
+- scrprintf(M_PRESS_ANY_KEY);
++ fputs(M_PRESS_ANY_KEY, stdout);
+ uni_getch();
+ gotoxy(1, 24);
+ }
+@@ -96,19 +94,19 @@ static void show_proc_scrn()
+ {
+ clrscr();
+ gotoxy(2, 2);
+- scrprintf(win_top);
++ fputs(win_top, stdout);
+ for(i=3; i<24; i++)
+ {
+- gotoxy(2, i); scrprintf(win_border);
+- gotoxy(79, i); scrprintf(win_border);
++ gotoxy(2, i); fputs(win_border, stdout);
++ gotoxy(79, i); fputs(win_border, stdout);
+ }
+- gotoxy(2, 24); scrprintf(win_bottom);
++ gotoxy(2, 24); fputs(win_bottom, stdout);
+ gotoxy(10, 5);
+- scrprintf(M_ARJDISP_COPYRIGHT);
++ fputs(M_ARJDISP_COPYRIGHT, stdout);
+ gotoxy(10, 6);
+- scrprintf(M_ARJDISP_DISTRIBUTION);
++ fputs(M_ARJDISP_DISTRIBUTION, stdout);
+ gotoxy(10, 7);
+- scrprintf(M_ARJDISP_LICENSE);
++ fputs(M_ARJDISP_LICENSE, stdout);
+ gotoxy(16, 10);
+ scrprintf(M_PROCESSING_ARCHIVE, archive_name);
+ gotoxy(16, 12);
+@@ -132,13 +130,13 @@ static void show_proc_scrn()
+ break;
+ }
+ gotoxy(15, 14);
+- scrprintf(ind_top);
++ fputs(ind_top, stdout);
+ gotoxy(15, 15);
+- scrprintf(ind_middle);
++ fputs(ind_middle, stdout);
+ gotoxy(15, 16);
+- scrprintf(ind_bottom);
++ fputs(ind_bottom, stdout);
+ gotoxy(16, 18);
+- scrprintf(M_ARJDISP_CTR_START);
++ fputs(M_ARJDISP_CTR_START, stdout);
+ }
+ else
+ {
+@@ -146,7 +144,7 @@ static void show_proc_scrn()
+ gotoxy(16, 15);
+ memset(progress, indo, i);
+ progress[i]='\0';
+- scrprintf(progress);
++ fputs(progress, stdout);
+ gotoxy(16, 18);
+ scrprintf(M_ARJDISP_CTR, calc_percentage(bytes, uncompsize)/10);
+ }
+@@ -165,19 +163,19 @@ static void show_ending_scrn()
+ textcolor(7);
+ clrscr();
+ gotoxy(2, 2);
+- scrprintf(win_top);
++ fputs(win_top, stdout);
+ for(i=3; i<24; i++)
+ {
+- gotoxy(2, i); scrprintf(win_border);
+- gotoxy(79, i); scrprintf(win_border);
++ gotoxy(2, i); fputs(win_border, stdout);
++ gotoxy(79, i); fputs(win_border, stdout);
+ }
+- gotoxy(2, 24); scrprintf(win_bottom);
++ gotoxy(2, 24); fputs(win_bottom, stdout);
+ gotoxy(10, 5);
+- scrprintf(M_ARJDISP_COPYRIGHT);
++ fputs(M_ARJDISP_COPYRIGHT, stdout);
+ gotoxy(10, 6);
+- scrprintf(M_ARJDISP_DISTRIBUTION);
++ fputs(M_ARJDISP_DISTRIBUTION, stdout);
+ gotoxy(10, 7);
+- scrprintf(M_ARJDISP_LICENSE);
++ fputs(M_ARJDISP_LICENSE, stdout);
+ gotoxy(16, 10);
+ scrprintf(M_FINISHED_PROCESSING, archive_name);
+ gotoxy(1, 24);
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/patches/patch-arjsfx.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/arj/patches/patch-arjsfx.c Sun Apr 12 16:09:27 2015 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-arjsfx.c,v 1.1 2015/04/12 16:09:27 tnn Exp $
+
+Add patch from Debian (security_format.patch) to fix unsafe format string usage.
+
+--- arjsfx.c.orig 2005-06-21 19:53:14.000000000 +0000
++++ arjsfx.c
+@@ -214,7 +214,7 @@ static void final_cleanup(void)
+ freopen(dev_con, m_w, stdout);
+ #if SFX_LEVEL>=ARJSFXV
+ if(ferror(stdout))
+- msg_fprintf(stderr, M_DISK_FULL);
++ msg_fprintf(stderr, "Can't write file. Disk full?");
+ if(debug_enabled&&strchr(debug_opt, 't')!=NULL)
+ {
+ ticks=get_ticks()-ticks;
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/patches/patch-fardata.c
--- a/archivers/arj/patches/patch-fardata.c Sun Apr 12 15:56:08 2015 +0000
+++ b/archivers/arj/patches/patch-fardata.c Sun Apr 12 16:09:27 2015 +0000
@@ -1,9 +1,19 @@
-$NetBSD: patch-fardata.c,v 1.1 2015/04/12 15:45:00 tnn Exp $
+$NetBSD: patch-fardata.c,v 1.2 2015/04/12 16:09:27 tnn Exp $
Rename strnlen -> _strnlen to avoid conflict in systems having strnlen.
+Add patch from Debian (security_format.patch) to fix unsafe format string usage.
---- fardata.c.orig 2004-04-17 11:39:42.000000000 +0000
+--- fardata.c.orig 2015-04-12 15:57:39.000000000 +0000
+++ fardata.c
+@@ -52,7 +52,7 @@ int error_proc(FMSG *errmsg, ...)
+ /* Check if the message could have a standard error code */
+ if(errno!=0&&is_std_error(errmsg))
+ {
+- msg_cprintf(0, lf);
++ msg_cprintf(0, "\n");
+ error_report();
+ }
+ #endif
@@ -190,7 +190,7 @@ int msg_sprintf(char *str, FMSG *fmt, ..
/* Length-limited strlen() */
@@ -13,6 +23,35 @@
{
const char FAR *sc;
+@@ -377,10 +377,10 @@ static void flush_cbuf(int ccode, char *
+ {
+ #if SFX_LEVEL>=ARJSFXV
+ fprintf(new_stdout, strform, n_text);
+- fprintf(new_stdout, lf);
++ fprintf(new_stdout, "\n");
+ #else
+ printf(strform, n_text);
+- printf(lf);
++ printf("\n");
+ #endif
+ }
+ else
+@@ -391,13 +391,13 @@ static void flush_cbuf(int ccode, char *
+ #ifdef NEED_CRLF
+ scr_out("\r");
+ #endif
+- scr_out(lf);
++ scr_out("\n");
+ }
+ if(!no_colors)
+ textcolor(color_table[ccode&H_COLORMASK].color);
+ #else
+ printf(strform, n_text);
+- printf(lf);
++ printf("\n");
+ #endif
+ n_text=t_text+1;
+ #if SFX_LEVEL>=ARJ
@@ -569,7 +569,7 @@ int vcprintf(int ccode, FMSG *fmt, va_li
if(!s)
s="(null)";
diff -r 3b84bf566e02 -r a92b7de4fc13 archivers/arj/patches/patch-register.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/archivers/arj/patches/patch-register.c Sun Apr 12 16:09:27 2015 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-register.c,v 1.1 2015/04/12 16:09:27 tnn Exp $
+
+Add patch from Debian (security_format.patch) to fix unsafe format string usage.
+
+--- register.c.orig 2004-04-21 07:04:10.000000000 +0000
++++ register.c
+@@ -205,7 +205,7 @@ int main(int argc, char **argv)
+ char reg_source[200];
+ int i;
+
+- printf(M_REGISTER_BANNER);
++ fputs(M_REGISTER_BANNER, stdout);
+ integrity_pattern[0]--;
+ build_crc32_table();
+ if(argc!=2)
Home |
Main Index |
Thread Index |
Old Index