CVS commit: pkgsrc/shells/rssh

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/shells/rssh
From: "Havard Eidnes" <he%netbsd.org@localhost>
Date: Fri, 13 Apr 2018 16:59:13 +0000

Module Name:    pkgsrc
Committed By:   he
Date:           Fri Apr 13 16:59:13 UTC 2018

Modified Files:
        pkgsrc/shells/rssh: Makefile distinfo
Added Files:
        pkgsrc/shells/rssh/patches: patch-main.c.in
Removed Files:
        pkgsrc/shells/rssh/patches: patch-ab

Log Message:
Add a patch to main.c.in (and in the process rename the diff):
Make a copy of the basename() result, so as to avoid a fortify
abort due to overlapping memcpy() when the result from basename()
is subsequently passed to basename().
Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.18 -r1.19 pkgsrc/shells/rssh/Makefile
cvs rdiff -u -r1.9 -r1.10 pkgsrc/shells/rssh/distinfo
cvs rdiff -u -r1.2 -r0 pkgsrc/shells/rssh/patches/patch-ab
cvs rdiff -u -r0 -r1.1 pkgsrc/shells/rssh/patches/patch-main.c.in

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/shells/rssh/Makefile
diff -u pkgsrc/shells/rssh/Makefile:1.18 pkgsrc/shells/rssh/Makefile:1.19
--- pkgsrc/shells/rssh/Makefile:1.18    Fri Feb 26 09:43:09 2016
+++ pkgsrc/shells/rssh/Makefile Fri Apr 13 16:59:13 2018
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.18 2016/02/26 09:43:09 jperkin Exp $
+# $NetBSD: Makefile,v 1.19 2018/04/13 16:59:13 he Exp $
 
 DISTNAME=      rssh-2.3.4
-PKGREVISION= 1
+PKGREVISION= 2
 CATEGORIES=    shells security
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=rssh/}
 

Index: pkgsrc/shells/rssh/distinfo
diff -u pkgsrc/shells/rssh/distinfo:1.9 pkgsrc/shells/rssh/distinfo:1.10
--- pkgsrc/shells/rssh/distinfo:1.9     Mon Nov  2 23:00:35 2015
+++ pkgsrc/shells/rssh/distinfo Fri Apr 13 16:59:13 2018
@@ -1,10 +1,10 @@
-$NetBSD: distinfo,v 1.9 2015/11/02 23:00:35 agc Exp $
+$NetBSD: distinfo,v 1.10 2018/04/13 16:59:13 he Exp $
 
 SHA1 (rssh-2.3.4.tar.gz) = e13ae1fdce4b0c89ef70f4695689139c8409e2e8
 RMD160 (rssh-2.3.4.tar.gz) = 4fdd086820fe67f6dc97671875c43dcad9c4afd3
 SHA512 (rssh-2.3.4.tar.gz) = c1a77abdf4abe5f936fb1c9c008fc81fabf7b624d69ed31fe2ae5619dfa4a79f1d4a4f2daa5291a36d40353fa2168e74e5ba61294230d702fcdc88ae0d520487
 Size (rssh-2.3.4.tar.gz) = 113315 bytes
 SHA1 (patch-aa) = 0210a1c717098e6afa760192cc8f9d6811d2fd9f
-SHA1 (patch-ab) = 19a5f7ffe3fef0c6aa17c1611c564c45a802ea96
+SHA1 (patch-main.c.in) = a23cba65fd8304b5bf365817c34d9a19884a464d
 SHA1 (patch-rsshconf.c) = a2c2b14bf3619f77cf4e3cbfeaaa4b356d145443
 SHA1 (patch-util.c) = dcfb7943662aaa733e99d78a810582af1d5d5581

Added files:

Index: pkgsrc/shells/rssh/patches/patch-main.c.in
diff -u /dev/null pkgsrc/shells/rssh/patches/patch-main.c.in:1.1
--- /dev/null   Fri Apr 13 16:59:13 2018
+++ pkgsrc/shells/rssh/patches/patch-main.c.in  Fri Apr 13 16:59:13 2018
@@ -0,0 +1,50 @@
+$NetBSD: patch-main.c.in,v 1.1 2018/04/13 16:59:13 he Exp $
+
+Make a copy of the basename() result, so as to avoid a fortify
+abort due to overlapping memcpy() when the result from basename()
+is subsequently passed to basename().
+
+Also a fix related to memory allocation.
+
+--- main.c.in.orig     2012-11-26 05:02:17.000000000 +0000
++++ main.c.in
+@@ -92,6 +92,7 @@ int main( int argc, char **argv )
+       ShellOptions_t  opts;   /* options configured by config file */
+       struct passwd   uinfo;  /* info about the user running rssh */
+       struct passwd   *temp;  /* copy temp into uinfo */ 
++      char            *av0bn;
+ 
+       /* if we just want the version, give it an exit */
+       if ( argc == 2 && !( strcmp(argv[1], "-v")) ){
+@@ -117,7 +118,8 @@ int main( int argc, char **argv )
+       else
+               /* this probably should never happen */
+               username = "unknown user!";
+-      progname = strdup(log_make_ident(basename(argv[0])));
++      av0bn = strdup(basename(argv[0]));
++      progname = strdup(log_make_ident(av0bn));
+       log_set_facility(LOG_DAEMON);
+       log_open();
+ 
+@@ -198,7 +200,7 @@ char **build_shell_args( struct passwd u
+                * build_arg_vector() in the chroot helper instead...
+                  */
+ 
+-              if ( !(argvec = (char **)malloc(6 * sizeof (char *))) ){
++              if ( !(argvec = (char **)malloc(4 * sizeof (char *))) ){
+                       log_set_priority(LOG_ERR);
+                       log_msg("OOM error in build_shell_args() (fatal)");
+                       exit(1);
+@@ -229,9 +231,9 @@ char **build_shell_args( struct passwd u
+               /* change the command to run to the chroot helper */
+               *cmd = PATH_CHROOT_HELPER;
+ 
+-              /* set up buffer to log command line ('"' + ' ' + '\0' = 9) */
+-              len = strlen(cmdline) +  strlen(argvec[2]) + 
+-                      strlen(PATH_CHROOT_HELPER) + 9;
++              /* set up buffer to log command line (argvec[1] + '"' + ' ' + '\0' = 6) */
++              len = strlen(cmdline) +
++                      strlen(PATH_CHROOT_HELPER) + 6;
+               if ( !(temp = (char *)malloc(len)) ){
+                       log_set_priority(LOG_ERR);
+                       log_msg("OOM error in build_shell_args() (fatal)");

Prev by Date: CVS commit: pkgsrc/editors/emacs25
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/editors/emacs25
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index