pkgsrc-Changes-HG archive


[pkgsrc/pkgsrc-2006Q3]: pkgsrc/mail/mutt Pullup ticket 1953 - requested by salo



details:   https://anonhg.NetBSD.org/pkgsrc/rev/97e4a99031a0
branches:  pkgsrc-2006Q3
changeset: 519256:97e4a99031a0
user:      ghen <ghen%pkgsrc.org@localhost>
date:      Mon Dec 11 13:55:22 2006 +0000

description:
Pullup ticket 1953 - requested by salo
security fix for mutt

- pkgsrc/mail/mutt/Makefile                     1.147
- pkgsrc/mail/mutt/distinfo                     1.33
- pkgsrc/mail/mutt/patches/patch-ad             1.9

   Module Name: pkgsrc
   Committed By:        salo
   Date:                Mon Dec 11 12:46:51 UTC 2006

   Modified Files:
        pkgsrc/mail/mutt: Makefile distinfo
        pkgsrc/mail/mutt/patches: patch-ad

   Log Message:
   Use official upstream patch for CVE-2006-5297 and CVE-2006-5298 security
   issues from mutt GIT repo.  Bump PKGREVISION.

   ok <tron>

diffstat:

 mail/mutt/Makefile         |    4 +-
 mail/mutt/distinfo         |    4 +-
 mail/mutt/patches/patch-ad |  106 +++++++++++++++++++++++++++++++++++---------
 3 files changed, 88 insertions(+), 26 deletions(-)

diffs (148 lines):

diff -r 3f0765bc9e76 -r 97e4a99031a0 mail/mutt/Makefile
--- a/mail/mutt/Makefile        Mon Dec 11 11:49:48 2006 +0000
+++ b/mail/mutt/Makefile        Mon Dec 11 13:55:22 2006 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.144.2.2 2006/11/02 09:02:58 ghen Exp $
+# $NetBSD: Makefile,v 1.144.2.3 2006/12/11 13:55:22 ghen Exp $
 
 DISTNAME=              mutt-1.4.2.2i
-PKGREVISION=           2
+PKGREVISION=           3
 PKGNAME=               ${DISTNAME:C/i$//}
 CATEGORIES=            mail
 MASTER_SITES=          ftp://ftp.mutt.org/mutt/ \
diff -r 3f0765bc9e76 -r 97e4a99031a0 mail/mutt/distinfo
--- a/mail/mutt/distinfo        Mon Dec 11 11:49:48 2006 +0000
+++ b/mail/mutt/distinfo        Mon Dec 11 13:55:22 2006 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.31.2.1 2006/11/01 21:16:51 ghen Exp $
+$NetBSD: distinfo,v 1.31.2.2 2006/12/11 13:55:22 ghen Exp $
 
 SHA1 (mutt-1.4.2.2i.tar.gz) = 0ee12f734f21186b143fa96a5ea79f72397747fb
 RMD160 (mutt-1.4.2.2i.tar.gz) = a749c13e9b56b0f3cf09ce5eabae3fd2edce4c0a
@@ -6,7 +6,7 @@
 SHA1 (patch-aa) = 057c11486bb855e321853a106992c8792b75b812
 SHA1 (patch-ab) = 46518ebcd144bdb19da3f2238455d25544539e23
 SHA1 (patch-ac) = acfece3438c1cadc43247c590045699be7212ede
-SHA1 (patch-ad) = e207b279b4b6cf9bd29f5537beedb3f34453b62d
+SHA1 (patch-ad) = 8baac1337c1ab65e98055915f045e99d91015677
 SHA1 (patch-ag) = c369b0b5d4855e50a016530f81190b2cbd47cef1
 SHA1 (patch-ah) = 04549728683b4250a26f6d6c7a212b8d505014d2
 SHA1 (patch-ai) = 317b736d6b9a896e1ee185cce37a1c2184c02cde
diff -r 3f0765bc9e76 -r 97e4a99031a0 mail/mutt/patches/patch-ad
--- a/mail/mutt/patches/patch-ad        Mon Dec 11 11:49:48 2006 +0000
+++ b/mail/mutt/patches/patch-ad        Mon Dec 11 13:55:22 2006 +0000
@@ -1,29 +1,91 @@
-$NetBSD: patch-ad,v 1.7.2.1 2006/11/01 21:16:51 ghen Exp $
+$NetBSD: patch-ad,v 1.7.2.2 2006/12/11 13:55:22 ghen Exp $
+
+Security fixes for CVE-2006-5297 and CVE-2006-5298, from mutt git.
 
---- lib.c.orig 2002-04-29 18:12:18.000000000 +0100
-+++ lib.c      2006-11-01 13:22:51.000000000 +0000
-@@ -351,8 +351,8 @@
+--- lib.c.orig 2002-04-29 19:12:18.000000000 +0200
++++ lib.c      2006-12-11 13:24:17.000000000 +0100
+@@ -346,13 +346,84 @@ int safe_rename (const char *src, const 
+   return 0;
+ }
+ 
++/* Create a temporary directory next to a file name */
++
++int mutt_mkwrapdir (const char *path, char *newfile, size_t nflen, 
++                  char *newdir, size_t ndlen)
++{
++  const char *basename;
++  char parent[_POSIX_PATH_MAX];
++  char *p;
++  int rv;
++
++  strfcpy (parent, NONULL (path), sizeof (parent));
++  
++  if ((p = strrchr (parent, '/')))
++  {
++    *p = '\0';
++    basename = p + 1;
++  }
++  else
++  {
++    strfcpy (parent, ".", sizeof (parent));
++    basename = path;
++  }
++
++  do 
++  {
++    snprintf (newdir, ndlen, "%s/%s", parent, ".muttXXXXXX");
++    mktemp (newdir);
++  } 
++  while ((rv = mkdir (newdir, 0700)) == -1 && errno == EEXIST);
++  
++  if (rv == -1)
++    return -1;
++  
++  snprintf (newfile, nflen, "%s/%s", newdir, NONULL(basename));
++  return 0;  
++}
++
++int mutt_put_file_in_place (const char *path, const char *safe_file, const char *safe_dir)
++{
++  int rv;
++  
++  rv = safe_rename (safe_file, path);
++  unlink (safe_file);
++  rmdir (safe_dir);
++  return rv;
++}
++
+ int safe_open (const char *path, int flags)
+ {
    struct stat osb, nsb;
    int fd;
  
--  if ((fd = open (path, flags, 0600)) < 0)
--    return fd;
-+  if ((fd = open (path, flags, S_IRUSR|S_IWUSR)) < 0)
-+    return (-1);
++  if (flags & O_EXCL) 
++  {
++    char safe_file[_POSIX_PATH_MAX];
++    char safe_dir[_POSIX_PATH_MAX];
++
++    if (mutt_mkwrapdir (path, safe_file, sizeof (safe_file),
++                      safe_dir, sizeof (safe_dir)) == -1)
++      return -1;
++    
++    if ((fd = open (safe_file, flags, 0600)) < 0)
++    {
++      rmdir (safe_dir);
++      return fd;
++    }
++    
++    if (mutt_put_file_in_place (path, safe_file, safe_dir) == -1)
++    {
++      close (fd);
++      return -1;
++    }
++  }
++  else
++  {
+   if ((fd = open (path, flags, 0600)) < 0)
+     return fd;
++  }
  
    /* make sure the file is not symlink */
    if (lstat (path, &osb) < 0 || fstat (fd, &nsb) < 0 ||
-@@ -363,6 +363,13 @@
-     return (-1);
-   }
- 
-+  /* Make sure the file is owned by us and has save permissions. */
-+  if (nsb.st_uid != geteuid() ||
-+      (nsb.st_mode & (S_IRWXG|S_IRWXO)) != 0) {
-+    close (fd);
-+    return (-1);
-+  }
-+
-   return (fd);
- }
- 
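Review bot: In mutt_mkwrapdir neither snprintf result is checked, so a parent path close to _POSIX_PATH_MAX silently truncates the `.muttXXXXXX` template before it reaches mktemp, and what mktemp does with a template that has lost its trailing X's differs between libcs. Failing early is safer, e.g. `if ((size_t) snprintf (newdir, ndlen, "%s/%s", parent, ".muttXXXXXX") >= ndlen) return -1;`, with the same test on the newfile snprintf. Separately, this revision no longer carries the owner and group/other mode check that the previous patch-ad applied to nsb before returning fd; the wrapper directory covers the O_EXCL branch, but the plain `open (path, flags, 0600)` branch appears to lose that check, so the patch header comment could say whether that is intended. safe_open continues past the end of the embedded lib.c hunk, so its remaining checks are not visible here.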


