pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2006Q1]: pkgsrc/devel/cscope Pullup ticket 1675 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/61738ad834c0
branches: pkgsrc-2006Q1
changeset: 510299:61738ad834c0
user: ghen <ghen%pkgsrc.org@localhost>
date: Tue May 30 20:18:31 2006 +0000
description:
Pullup ticket 1675 - requested by tron
security fix for cscope
Revisions pulled up:
- pkgsrc/devel/cscope/Makefile 1.44
- pkgsrc/devel/cscope/distinfo 1.13
- pkgsrc/devel/cscope/patches/patch-ae 1.7
- pkgsrc/devel/cscope/patches/patch-af 1.6
- pkgsrc/devel/cscope/patches/patch-ag 1.3
- pkgsrc/devel/cscope/patches/patch-ah 1.3
- pkgsrc/devel/cscope/patches/patch-ai 1.3
- pkgsrc/devel/cscope/patches/patch-aj 1.1
- pkgsrc/devel/cscope/patches/patch-ak 1.1
- pkgsrc/devel/cscope/patches/patch-al 1.1
- pkgsrc/devel/cscope/patches/patch-am 1.1
- pkgsrc/devel/cscope/patches/patch-an 1.1
- pkgsrc/devel/cscope/patches/patch-ao 1.1
Module Name: pkgsrc
Committed By: tron
Date: Mon May 29 13:48:53 UTC 2006
Modified Files:
pkgsrc/devel/cscope: Makefile distinfo
pkgsrc/devel/cscope/patches: patch-af
Added Files:
pkgsrc/devel/cscope/patches: patch-ae patch-ag patch-ah patch-ai
patch-aj patch-ak patch-al patch-am patch-an patch-ao
Log Message:
Integrate Debian's fix for security whole reported in CVE-2004-2541.
Bump package revision.
diffstat:
devel/cscope/Makefile | 3 +-
devel/cscope/distinfo | 14 ++++++-
devel/cscope/patches/patch-ae | 20 ++++++++++
devel/cscope/patches/patch-af | 84 +++++++++++++++++++++++++++---------------
devel/cscope/patches/patch-ag | 11 +++++
devel/cscope/patches/patch-ah | 64 ++++++++++++++++++++++++++++++++
devel/cscope/patches/patch-ai | 62 +++++++++++++++++++++++++++++++
devel/cscope/patches/patch-aj | 23 +++++++++++
devel/cscope/patches/patch-ak | 11 +++++
devel/cscope/patches/patch-al | 11 +++++
devel/cscope/patches/patch-am | 11 +++++
devel/cscope/patches/patch-an | 11 +++++
devel/cscope/patches/patch-ao | 11 +++++
13 files changed, 302 insertions(+), 34 deletions(-)
diffs (truncated from 409 to 300 lines):
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/Makefile
--- a/devel/cscope/Makefile Mon May 29 11:33:00 2006 +0000
+++ b/devel/cscope/Makefile Tue May 30 20:18:31 2006 +0000
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.43 2006/03/04 21:29:13 jlam Exp $
+# $NetBSD: Makefile,v 1.43.2.1 2006/05/30 20:18:31 ghen Exp $
DISTNAME= cscope-15.5
+PKGREVISION= 1
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=cscope/}
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/distinfo
--- a/devel/cscope/distinfo Mon May 29 11:33:00 2006 +0000
+++ b/devel/cscope/distinfo Tue May 30 20:18:31 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2006/03/23 16:09:32 yyamano Exp $
+$NetBSD: distinfo,v 1.12.2.1 2006/05/30 20:18:31 ghen Exp $
SHA1 (cscope-15.5.tar.gz) = 2e8e66735254328399dc50757b270bcc3e9002d3
RMD160 (cscope-15.5.tar.gz) = 30623f07043abc90d76b384c407abe5813a8a716
@@ -7,4 +7,14 @@
SHA1 (patch-ab) = 646512ad53b3f3e7dab607df4c6c3d775587a03c
SHA1 (patch-ac) = 40a69af0eb5419de827b490c960803a736040f2c
SHA1 (patch-ad) = 7e0f25b67f3476ac90b7541595649d6a6bf65aa9
-SHA1 (patch-af) = fbccbdcbf195a5852ff35be36446c471daf36cd5
+SHA1 (patch-ae) = eefe4052767901c27eefb17c182f8bd56997d3b7
+SHA1 (patch-af) = 310a02a1f1e8b780fb6bf1ce86da628bab0f21a4
+SHA1 (patch-ag) = e231fad53976305b1025b62b241e295acc73664b
+SHA1 (patch-ah) = 9caa10d9cd4332c1172fc7ae9682d057bbf7ddaa
+SHA1 (patch-ai) = a0fdf5d665399c7f7e9e0b37de5f0531d5b4b28f
+SHA1 (patch-aj) = 7920535ee918dd02d55222f5327cfd86b8cf583d
+SHA1 (patch-ak) = 9773b0eb449be43e28a47e36a6aa178c8d5fbedc
+SHA1 (patch-al) = d64855929ac556c03e0ddc07b4869b8d159d3249
+SHA1 (patch-am) = aee755e5ac8e15e685eb7b755be9c967d79c71f8
+SHA1 (patch-an) = 924c2883fbea0b66ecdd6085f07a1a3bf3cd2752
+SHA1 (patch-ao) = d8fd8aadf22b582e8ca2e90a1da8d64490293155
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/patches/patch-ae
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/cscope/patches/patch-ae Tue May 30 20:18:31 2006 +0000
@@ -0,0 +1,20 @@
+--- src/build.c.orig 2003-03-05 10:43:59.000000000 +0000
++++ src/build.c 2006-05-29 14:34:26.000000000 +0100
+@@ -215,7 +215,7 @@
+ (void) strcpy(newdir, "$HOME");
+ }
+ else if (strncmp(currentdir, home, strlen(home)) == 0) {
+- (void) sprintf(newdir, "$HOME%s", currentdir + strlen(home));
++ (void) snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
+ }
+ /* sort the source file names (needed for rebuilding) */
+ qsort(srcfiles, (unsigned) nsrcfiles, sizeof(char *), compare);
+@@ -443,7 +443,7 @@
+ }
+ (void) fstat(fileno(postings), &statstruct);
+ (void) fclose(postings);
+- (void) sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
++ (void) snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
+ if ((postings = mypopen(sortcommand, "r")) == NULL) {
+ (void) fprintf(stderr, "cscope: cannot open pipe to sort command\n");
+ cannotindex();
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/patches/patch-af
--- a/devel/cscope/patches/patch-af Mon May 29 11:33:00 2006 +0000
+++ b/devel/cscope/patches/patch-af Tue May 30 20:18:31 2006 +0000
@@ -1,40 +1,62 @@
-$NetBSD: patch-af,v 1.5 2005/10/03 15:00:12 wiz Exp $
-
---- src/main.c.orig 2003-08-14 16:36:18.000000000 +0200
-+++ src/main.c
-@@ -330,9 +330,32 @@ lastarg:
+--- src/main.c.orig 2003-08-14 15:36:18.000000000 +0100
++++ src/main.c 2006-05-29 14:34:26.000000000 +0100
+@@ -330,9 +330,31 @@
}
/* create the temporary file names */
- pid = getpid();
- (void) sprintf(temp1, "%s/cscope%d.1", tmpdir, pid);
- (void) sprintf(temp2, "%s/cscope%d.2", tmpdir, pid);
-+ do {
-+ char *tempfile = tempnam(tmpdir, "cscope1");
-+ if (!tempfile) {
-+ fprintf (stderr, "Can't create tempfile\n");
-+ exit(1);
-+ }
-+ if (strlen(tempfile) >= sizeof(temp1)) {
-+ fprintf (stderr, "TMPDIR path is too long\n");
-+ exit(1);
-+ }
-+ strncpy (temp1, tempfile, sizeof (temp1));
-+ free (tempfile);
-+ } while (open (temp1, O_CREAT|O_EXCL|O_WRONLY, S_IREAD|S_IWRITE) < 0);
-+ do {
-+ char *tempfile = tempnam(tmpdir, "cscope2");
-+ if (!tempfile) {
-+ fprintf (stderr, "Can't create tempfile\n");
-+ exit(1);
-+ }
-+ if (strlen(tempfile) >= sizeof(temp2)) {
-+ fprintf (stderr, "TMPDIR path is too long\n");
-+ exit(1);
-+ }
-+ strncpy (temp2, tempfile, sizeof (temp2));
-+ free (tempfile);
-+ } while (open (temp2, O_CREAT|O_EXCL|O_WRONLY, S_IREAD|S_IWRITE) < 0);
++ do {
++ char *tempfile = tempnam(tmpdir, "cscope1");
++ if (!tempfile) {
++ fputs ("Can't create tempfile\n", stderr);
++ exit (1);
++ }
++ if (strlen(tempfile) >= sizeof(temp1)) {
++ fputs ("TMPDIR path is too long\n", stderr);
++ exit(1);
++ }
++ strncpy (temp1, tempfile, sizeof (temp1));
++ } while (open (temp1, O_CREAT|O_EXCL|O_WRONLY, 0600) < 0);
++ do {
++ char *tempfile = tempnam(tmpdir, "cscope2");
++ if (!tempfile) {
++ fputs ("Can't create tempfile\n", stderr);
++ exit (1);
++ }
++ if (strlen(tempfile) >= sizeof(temp2)) {
++ fputs ("TMPDIR path is too long\n", stderr);
++ exit(1);
++ }
++ strncpy (temp2, tempfile, sizeof (temp2));
++ } while (open (temp2, O_CREAT|O_EXCL|O_WRONLY, 0600) < 0);
++
/* if running in the foreground */
if (signal(SIGINT, SIG_IGN) != SIG_IGN) {
+@@ -352,12 +374,12 @@
+ * used instead of failing to open a non-existant database in
+ * the home directory
+ */
+- (void) sprintf(path, "%s/%s", home, reffile);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, reffile);
+ if (isuptodate == NO || access(path, READ) == 0) {
+ reffile = stralloc(path);
+- (void) sprintf(path, "%s/%s", home, invname);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, invname);
+ invname = stralloc(path);
+- (void) sprintf(path, "%s/%s", home, invpost);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, invpost);
+ invpost = stralloc(path);
+ }
+ }
+@@ -692,7 +714,7 @@
+ #else
+ char *msg = mymalloc(50+strlen(file));
+
+- (void) sprintf(msg, "Removed file %s because write failed", file);
++ (void) snprintf(msg, sizeof(msg), "Removed file %s because write failed", file);
+ #endif
+
+ myperror(msg); /* display the reason */
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/patches/patch-ag
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/cscope/patches/patch-ag Tue May 30 20:18:31 2006 +0000
@@ -0,0 +1,11 @@
+--- src/command.c.orig 2002-07-29 13:37:49.000000000 +0100
++++ src/command.c 2006-05-29 14:34:26.000000000 +0100
+@@ -718,7 +718,7 @@
+
+ /* make sure it can be changed */
+ if (access(newfile, WRITE) != 0) {
+- (void) sprintf(msg, "Cannot write to file %s", newfile);
++ (void) snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile);
+ postmsg(msg);
+ anymarked = NO;
+ break;
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/patches/patch-ah
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/cscope/patches/patch-ah Tue May 30 20:18:31 2006 +0000
@@ -0,0 +1,64 @@
+--- src/dir.c.orig 2003-06-02 11:43:00.000000000 +0100
++++ src/dir.c 2006-05-29 14:34:26.000000000 +0100
+@@ -138,7 +138,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - dir_len,
+ srcdirs[i], dir);
+ addsrcdir(path);
+@@ -206,7 +206,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - dir_len,
+ srcdirs[i], dir);
+ addincdir(dir, path);
+@@ -474,8 +474,6 @@
+ DIR *dirfile;
+ int adir_len = strlen(adir);
+
+- /* FIXME: no guards against adir_len > PATHLEN, yet */
+-
+ if ((dirfile = opendir(adir)) != NULL) {
+ struct dirent *entry;
+ char path[PATHLEN + 1];
+@@ -486,7 +484,7 @@
+ && (strcmp("..",entry->d_name) != 0)) {
+ struct stat buf;
+
+- sprintf(path,"%s/%.*s", adir,
++ snprintf(path, sizeof(path), "%s/%.*s", adir,
+ PATHLEN - 2 - adir_len,
+ entry->d_name);
+
+@@ -603,14 +601,14 @@
+ for (i = 0; i < nincdirs; ++i) {
+
+ /* don't include the file from two directories */
+- (void) sprintf(name, "%.*s/%s",
++ (void) snprintf(name, sizeof(name), "%.*s/%s",
+ PATHLEN - 2 - file_len, incnames[i],
+ file);
+ if (infilelist(name) == YES) {
+ break;
+ }
+ /* make sure it exists and is readable */
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - file_len, incdirs[i],
+ file);
+ if (access(compath(path), READ) == 0) {
+@@ -654,7 +652,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - file_len, srcdirs[i],
+ file);
+ if (access(compath(path), READ) == 0) {
diff -r bd33a9ec593b -r 61738ad834c0 devel/cscope/patches/patch-ai
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/devel/cscope/patches/patch-ai Tue May 30 20:18:31 2006 +0000
@@ -0,0 +1,62 @@
+--- src/display.c.orig 2003-09-04 16:54:02.000000000 +0100
++++ src/display.c 2006-05-29 14:34:26.000000000 +0100
+@@ -473,24 +473,24 @@
+ /* see if it is empty */
+ if ((c = getc(refsfound)) == EOF) {
+ if (findresult != NULL) {
+- (void) sprintf(lastmsg, "Egrep %s in this pattern: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s",
+ findresult, pattern);
+ }
+ else if (rc == NOTSYMBOL) {
+- (void) sprintf(lastmsg, "This is not a C symbol: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s",
+ pattern);
+ }
+ else if (rc == REGCMPERROR) {
+- (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s",
+ pattern);
+
+ }
+ else if (funcexist == NO) {
+- (void) sprintf(lastmsg, "Function definition does not exist: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s",
+ pattern);
+ }
+ else {
+- (void) sprintf(lastmsg, "Could not find the %s: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s",
+ fields[field].text2, pattern);
+ }
+ return(NO);
+@@ -555,17 +555,17 @@
+ move(MSGLINE, 0);
+ clrtoeol();
+ addstr(what);
+- sprintf(msg, "%ld", current);
++ snprintf(msg, sizeof(msg), "%ld", current);
+ move(MSGLINE, (COLS / 2) - (strlen(msg) / 2));
+ addstr(msg);
+- sprintf(msg, "%ld", max);
++ snprintf(msg, sizeof(msg), "%ld", max);
+ move(MSGLINE, COLS - strlen(msg));
+ addstr(msg);
+ refresh();
+ }
+ else if (verbosemode == YES)
+ {
+- sprintf(msg, "> %s %ld of %ld", what, current, max);
++ snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max);
+ }
+
+ start = now;
+@@ -603,7 +603,7 @@
+ s = sys_errlist[errno];
Home |
Main Index |
Thread Index |
Old Index