pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/net/inetutils
Module Name: pkgsrc
Committed By: maya
Date: Thu Dec 13 05:34:38 UTC 2018
Modified Files:
pkgsrc/net/inetutils: Makefile distinfo
Added Files:
pkgsrc/net/inetutils/patches: patch-telnet_telnet.c
patch-telnet_utilities.c
Log Message:
inetutils: avoid buffer overflow, infinite loop. bump PKGREVISION.
To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/net/inetutils/Makefile
cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/inetutils/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/net/inetutils/patches/patch-telnet_telnet.c \
pkgsrc/net/inetutils/patches/patch-telnet_utilities.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/net/inetutils/Makefile
diff -u pkgsrc/net/inetutils/Makefile:1.3 pkgsrc/net/inetutils/Makefile:1.4
--- pkgsrc/net/inetutils/Makefile:1.3 Fri Sep 8 09:45:12 2017
+++ pkgsrc/net/inetutils/Makefile Thu Dec 13 05:34:38 2018
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.3 2017/09/08 09:45:12 adam Exp $
+# $NetBSD: Makefile,v 1.4 2018/12/13 05:34:38 maya Exp $
DISTNAME= inetutils-1.9.4
-PKGREVISION= 1
+PKGREVISION= 2
CATEGORIES= net
MASTER_SITES= ${MASTER_SITE_GNU:=inetutils/}
EXTRACT_SUFX= .tar.xz
Index: pkgsrc/net/inetutils/distinfo
diff -u pkgsrc/net/inetutils/distinfo:1.1 pkgsrc/net/inetutils/distinfo:1.2
--- pkgsrc/net/inetutils/distinfo:1.1 Fri Jul 7 04:03:06 2017
+++ pkgsrc/net/inetutils/distinfo Thu Dec 13 05:34:38 2018
@@ -1,6 +1,8 @@
-$NetBSD: distinfo,v 1.1 2017/07/07 04:03:06 adam Exp $
+$NetBSD: distinfo,v 1.2 2018/12/13 05:34:38 maya Exp $
SHA1 (inetutils-1.9.4.tar.xz) = 5e515cc9da142cb73bb1beda137b4c2dcf2b528c
RMD160 (inetutils-1.9.4.tar.xz) = 0c144d9ac0b5c07beca1e634fc5b2c5bae15917d
SHA512 (inetutils-1.9.4.tar.xz) = 020d1cab6659da63b26445b29820ad6769b8cf992496bece3dcbfba73804e29cc5c496d59f36046d432f9cc7fadefa3170f6d8faa855e59435aff4ecef724e66
Size (inetutils-1.9.4.tar.xz) = 1364408 bytes
+SHA1 (patch-telnet_telnet.c) = a3fe07b5d00bae8d9a9f69d0c2996d88e84c8cd9
+SHA1 (patch-telnet_utilities.c) = ddd301b000d73eff9da8ded700ee374aa0798c12
Added files:
Index: pkgsrc/net/inetutils/patches/patch-telnet_telnet.c
diff -u /dev/null pkgsrc/net/inetutils/patches/patch-telnet_telnet.c:1.1
--- /dev/null Thu Dec 13 05:34:38 2018
+++ pkgsrc/net/inetutils/patches/patch-telnet_telnet.c Thu Dec 13 05:34:38 2018
@@ -0,0 +1,33 @@
+$NetBSD: patch-telnet_telnet.c,v 1.1 2018/12/13 05:34:38 maya Exp $
+
+Avoid easy buffer overflow.
+
+--- telnet/telnet.c.orig 2015-03-31 15:40:50.000000000 +0000
++++ telnet/telnet.c
+@@ -861,7 +861,7 @@ suboption (void)
+ len = strlen (name) + 4 + 2;
+ if (len < NETROOM ())
+ {
+- sprintf ((char *) temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE,
++ snprintf ((char *) temp, sizeof(temp), "%c%c%c%c%s%c%c", IAC, SB, TELOPT_TTYPE,
+ TELQUAL_IS, name, IAC, SE);
+ ring_supply_data (&netoring, temp, len);
+ printsub ('>', &temp[2], len - 2);
+@@ -885,7 +885,7 @@ suboption (void)
+
+ TerminalSpeeds (&ispeed, &ospeed);
+
+- sprintf ((char *) temp, "%c%c%c%c%d,%d%c%c", IAC, SB, TELOPT_TSPEED,
++ snprintf ((char *) temp, sizeof(temp), "%c%c%c%c%d,%d%c%c", IAC, SB, TELOPT_TSPEED,
+ TELQUAL_IS, (int) ospeed, (int) ispeed, IAC, SE);
+ len = strlen ((char *) temp + 4) + 4; /* temp[3] is 0 ... */
+
+@@ -999,7 +999,7 @@ suboption (void)
+ send_wont (TELOPT_XDISPLOC, 1);
+ break;
+ }
+- sprintf ((char *) temp, "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC,
++ snprintf ((char *) temp, sizeof(temp), "%c%c%c%c%s%c%c", IAC, SB, TELOPT_XDISPLOC,
+ TELQUAL_IS, dp, IAC, SE);
+ len = strlen ((char *) temp + 4) + 4; /* temp[3] is 0 ... */
+
Index: pkgsrc/net/inetutils/patches/patch-telnet_utilities.c
diff -u /dev/null pkgsrc/net/inetutils/patches/patch-telnet_utilities.c:1.1
--- /dev/null Thu Dec 13 05:34:38 2018
+++ pkgsrc/net/inetutils/patches/patch-telnet_utilities.c Thu Dec 13 05:34:38 2018
@@ -0,0 +1,14 @@
+$NetBSD: patch-telnet_utilities.c,v 1.1 2018/12/13 05:34:38 maya Exp $
+
+Avoid infinite loop. This is an error exit.
+
+--- telnet/utilities.c.orig 2015-03-31 15:40:50.000000000 +0000
++++ telnet/utilities.c
+@@ -1062,7 +1062,6 @@ Exit (int returnCode)
+ void
+ ExitString (char *string, int returnCode)
+ {
+- SetForExit ();
+ fwrite (string, 1, strlen (string), stderr);
+ exit (returnCode);
+ }
Home |
Main Index |
Thread Index |
Old Index