[pkgsrc/trunk]: pkgsrc/mail/mush small fixes to avoid most recent core-dump:

[christos <christos%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/806f23b861a2
branches:  trunk
changeset: 626206:806f23b861a2
user:      christos <christos%pkgsrc.org@localhost>
date:      Mon Nov 04 15:34:38 2013 +0000

description:
small fixes to avoid most recent core-dump:
- bump buffer limits
- fix pointer<->integer conversions

diffstat:

 mail/mush/Makefile                 |   4 ++--
 mail/mush/distinfo                 |   5 ++++-
 mail/mush/patches/patch-command2.c |  15 +++++++++++++++
 mail/mush/patches/patch-hdrs.c     |  18 ++++++++++++++++++
 mail/mush/patches/patch-msgs.c     |  16 ++++++++++++++++
 5 files changed, 55 insertions(+), 3 deletions(-)

diffs (91 lines):

diff -r e635d6a12bfe -r 806f23b861a2 mail/mush/Makefile
--- a/mail/mush/Makefile        Mon Nov 04 11:08:03 2013 +0000
+++ b/mail/mush/Makefile        Mon Nov 04 15:34:38 2013 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.24 2012/10/08 12:19:18 asau Exp $
+# $NetBSD: Makefile,v 1.25 2013/11/04 15:34:38 christos Exp $
 
 DISTNAME=      mush-7.2.5
 PKGNAME=       mush-7.2.6.b4.pl1
-PKGREVISION=   2
+PKGREVISION=   3
 CATEGORIES=    mail
 MASTER_SITES=  # ftp://cse.ogi.edu/pub/mush/
 EXTRACT_SUFX=  .tar.Z
diff -r e635d6a12bfe -r 806f23b861a2 mail/mush/distinfo
--- a/mail/mush/distinfo        Mon Nov 04 11:08:03 2013 +0000
+++ b/mail/mush/distinfo        Mon Nov 04 15:34:38 2013 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2010/05/24 19:49:44 christos Exp $
+$NetBSD: distinfo,v 1.13 2013/11/04 15:34:38 christos Exp $
 
 SHA1 (mush/mush-7.2.5.tar.Z) = 1b9b54b368b9a748401b1baeb3b3eba5a9ed2c03
 RMD160 (mush/mush-7.2.5.tar.Z) = 32e010f544f79cc1a0f899d722d465975d552a4e
@@ -40,3 +40,6 @@
 SHA1 (patch-an) = 9c7441265ac13e73a4143440b3a1706f81d9d00c
 SHA1 (patch-ao) = e5b28c4a761c1bc1bba195c5dc6ff332cad51f67
 SHA1 (patch-ap) = 8788bb93e3808ae6c089429db3fb86307cebfd6e
+SHA1 (patch-command2.c) = 07f010c2cbd29394a3dcabfad32a00d79cc5e3a6
+SHA1 (patch-hdrs.c) = 019c41a2f60d6a8325ae08a5d2653565aa7aa089
+SHA1 (patch-msgs.c) = 52f80a29243143bcf449977bc9f142e2af05bdb2
diff -r e635d6a12bfe -r 806f23b861a2 mail/mush/patches/patch-command2.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/mush/patches/patch-command2.c        Mon Nov 04 15:34:38 2013 +0000
@@ -0,0 +1,15 @@
+$NetBSD: patch-command2.c,v 1.1 2013/11/04 15:34:38 christos Exp $
+
+- avoid pointer<->integer conversions
+
+--- command2.c 2013-11-04 10:20:21.000000000 -0500
++++ command2.c 2013-11-04 10:28:08.000000000 -0500
+@@ -310,7 +310,7 @@
+           execute(edit_cmd);
+           turnoff(glob_flags, IS_GETTING);
+           free_vec(edit_cmd);
+-          if (load_folder(b, FALSE, (char *)i) > 0) {
++          if (load_folder(b, FALSE, (char *)&i) > 0) {
+               (void) unlink(b);
+               edited = 1;
+           }
diff -r e635d6a12bfe -r 806f23b861a2 mail/mush/patches/patch-hdrs.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/mush/patches/patch-hdrs.c    Mon Nov 04 15:34:38 2013 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-hdrs.c,v 1.1 2013/11/04 15:34:38 christos Exp $
+
+bump limits higher: XXX these all need to be bounded to avoid DoS from
+specially crafted error messages
+
+--- hdrs.c     2013-11-04 10:24:04.000000000 -0500
++++ hdrs.c     2013-11-04 10:28:09.000000000 -0500
+@@ -383,8 +383,8 @@
+     static char               buf[HDRSIZ];
+     register char     *p, *p2, *b;
+     int                       len, do_pad = FALSE, val, pad, got_dot, isauthor = 0, n;
+-    char from[HDRSIZ], subject[256], date[64], lines[16];
+-    char to[256], addr[256], name[256], user[256], status[4];
++    char from[HDRSIZ], subject[512], date[64], lines[16];
++    char to[512], addr[512], name[512], user[512], status[4];
+     char Day[3], Mon[4], Tm[8], Yr[5], Wkday[4], Zone[8], *date_p;
+ 
+     buf[0] = 0;
diff -r e635d6a12bfe -r 806f23b861a2 mail/mush/patches/patch-msgs.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/mail/mush/patches/patch-msgs.c    Mon Nov 04 15:34:38 2013 +0000
@@ -0,0 +1,16 @@
+$NetBSD: patch-msgs.c,v 1.1 2013/11/04 15:34:38 christos Exp $ 
+
+Avoid pointer<->integer conversions
+
+--- msgs.c     2013-11-04 10:20:09.000000000 -0500
++++ msgs.c     2013-11-04 10:28:09.000000000 -0500
+@@ -817,7 +817,7 @@
+       cnt = msg_cnt;
+       (void) fseek(fp, append == 1 ? msg[cnt].m_offset : 0L, L_SET);
+     } else {
+-      cnt = (int)list;
++      cnt = *(int *)list;
+       old = msg[cnt];
+     }
+ 
+Only in www: mush.core