pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/pkgsrc-2016Q2]: pkgsrc/devel/cvsps Pullup ticket #5074 - requested by...
details: https://anonhg.NetBSD.org/pkgsrc/rev/62cf049b9cb2
branches: pkgsrc-2016Q2
changeset: 408854:62cf049b9cb2
user: spz <spz%pkgsrc.org@localhost>
date: Thu Jul 28 12:56:35 2016 +0000
description:
Pullup ticket #5074 - requested by christos
devel/cvsps: security patch
Revisions pulled up:
- devel/cvsps/Makefile 1.27
- devel/cvsps/distinfo 1.14
- devel/cvsps/patches/patch-ag 1.2
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: christos
Date: Mon Jul 25 05:10:03 UTC 2016
Modified Files:
pkgsrc/devel/cvsps: Makefile distinfo
pkgsrc/devel/cvsps/patches: patch-ag
Log Message:
Fix buffer overflow on long lines
To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/devel/cvsps/Makefile
cvs rdiff -u -r1.13 -r1.14 pkgsrc/devel/cvsps/distinfo
cvs rdiff -u -r1.1 -r1.2 pkgsrc/devel/cvsps/patches/patch-ag
diffstat:
devel/cvsps/Makefile | 4 +-
devel/cvsps/distinfo | 4 +-
devel/cvsps/patches/patch-ag | 92 +++++++++++++++++++++++++++++++++++++++++--
3 files changed, 91 insertions(+), 9 deletions(-)
diffs (134 lines):
diff -r 4bddd263e089 -r 62cf049b9cb2 devel/cvsps/Makefile
--- a/devel/cvsps/Makefile Wed Jul 20 18:53:40 2016 +0000
+++ b/devel/cvsps/Makefile Thu Jul 28 12:56:35 2016 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.26 2014/10/09 14:06:08 wiz Exp $
+# $NetBSD: Makefile,v 1.26.14.1 2016/07/28 12:56:35 spz Exp $
#
DISTNAME= cvsps-2.1
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= devel scm
MASTER_SITES= ${HOMEPAGE}
diff -r 4bddd263e089 -r 62cf049b9cb2 devel/cvsps/distinfo
--- a/devel/cvsps/distinfo Wed Jul 20 18:53:40 2016 +0000
+++ b/devel/cvsps/distinfo Thu Jul 28 12:56:35 2016 +0000
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.13 2015/11/03 03:27:21 agc Exp $
+$NetBSD: distinfo,v 1.13.6.1 2016/07/28 12:56:35 spz Exp $
SHA1 (cvsps-2.1.tar.gz) = a53a62b121e7b86e07a393bcb8aa4f0492a747c4
RMD160 (cvsps-2.1.tar.gz) = a3063f638fbf1136761549658432d5842e4a766f
@@ -10,4 +10,4 @@
SHA1 (patch-ad) = 20d84dc236a5c259677fdf68268de5bb64e6d26f
SHA1 (patch-ae) = 345036b4021f90a2f6629a5d32e85caa786d961f
SHA1 (patch-af) = d32eb67ede1d81ee3abe55a7f94515fcf3ea93cf
-SHA1 (patch-ag) = 38ea212acde5e07aee33413c79f893e311ebb85e
+SHA1 (patch-ag) = c68adbb42938ecb2f42c55bc9be0aa6db3b013f9
diff -r 4bddd263e089 -r 62cf049b9cb2 devel/cvsps/patches/patch-ag
--- a/devel/cvsps/patches/patch-ag Wed Jul 20 18:53:40 2016 +0000
+++ b/devel/cvsps/patches/patch-ag Thu Jul 28 12:56:35 2016 +0000
@@ -1,14 +1,96 @@
-$NetBSD: patch-ag,v 1.1 2012/06/29 14:59:24 christos Exp $
+$NetBSD: patch-ag,v 1.1.34.1 2016/07/28 12:56:35 spz Exp $
+
+Keep reading for M
+Avoid buffer overflow (truncate).
---- cvs_direct.c.orig 2012-06-28 17:52:13.000000000 -0400
-+++ cvs_direct.c 2012-06-28 17:52:51.000000000 -0400
-@@ -916,7 +916,9 @@
+--- cvs_direct.c.orig 2005-05-25 23:39:40.000000000 -0400
++++ cvs_direct.c 2016-07-25 01:06:39.000000000 -0400
+@@ -45,7 +45,7 @@
+ static void send_string(CvsServerCtx *, const char *, ...);
+ static int read_response(CvsServerCtx *, const char *);
+ static void ctx_to_fp(CvsServerCtx * ctx, FILE * fp);
+-static int read_line(CvsServerCtx * ctx, char * p);
++static int read_line(CvsServerCtx * ctx, char * p, size_t);
+
+ static CvsServerCtx * open_ctx_pserver(CvsServerCtx *, const char *);
+ static CvsServerCtx * open_ctx_forked(CvsServerCtx *, const char *);
+@@ -131,7 +131,7 @@
+ send_string(ctx, "valid-requests\n");
+
+ /* check for the commands we will issue */
+- read_line(ctx, buff);
++ read_line(ctx, buff, sizeof(buff));
+ if (strncmp(buff, "Valid-requests", 14) != 0)
+ {
+ debug(DEBUG_APPERROR, "cvs_direct: bad response to valid-requests command");
+@@ -150,7 +150,7 @@
+ return NULL;
+ }
+
+- read_line(ctx, buff);
++ read_line(ctx, buff, sizeof(buff));
+ if (strcmp(buff, "ok") != 0)
+ {
+ debug(DEBUG_APPERROR, "cvs_direct: bad ok trailer to valid-requests command");
+@@ -661,7 +661,7 @@
+ return len;
+ }
+
+-static int read_line(CvsServerCtx * ctx, char * p)
++static int read_line(CvsServerCtx * ctx, char * p, size_t size)
+ {
+ int len = 0;
+ while (1)
+@@ -672,7 +672,7 @@
+
+ *p = *ctx->head++;
+
+- if (*p == '\n')
++ if (*p == '\n' || len >= size - 1)
+ {
+ *p = 0;
+ break;
+@@ -689,7 +689,7 @@
+ /* FIXME: more than 1 char at a time */
+ char resp[BUFSIZ];
+
+- if (read_line(ctx, resp) < 0)
++ if (read_line(ctx, resp, sizeof(resp)) < 0)
+ return 0;
+
+ debug(DEBUG_TCP, "response '%s' read", resp);
+@@ -703,7 +703,7 @@
+
+ while (1)
+ {
+- read_line(ctx, line);
++ read_line(ctx, line, sizeof(line));
+ debug(DEBUG_TCP, "ctx_to_fp: %s", line);
+ if (memcmp(line, "M ", 2) == 0)
+ {
+@@ -879,7 +879,7 @@
+ char lbuff[BUFSIZ];
+ int len;
+
+- len = read_line(ctx, lbuff);
++ len = read_line(ctx, lbuff, sizeof(lbuff));
+ debug(DEBUG_TCP, "cvs_direct: rlog: read %s", lbuff);
+
+ if (memcmp(lbuff, "M ", 2) == 0)
+@@ -910,13 +910,15 @@
+ char lbuff[BUFSIZ];
+ strcpy(client_version, "Client: Concurrent Versions System (CVS) 99.99.99 (client/server) cvs-direct");
+ send_string(ctx, "version\n");
+- read_line(ctx, lbuff);
++ read_line(ctx, lbuff, sizeof(lbuff));
+ if (memcmp(lbuff, "M ", 2) == 0)
+ sprintf(server_version, "Server: %s", lbuff + 2);
else
debug(DEBUG_APPERROR, "cvs_direct: didn't read version: %s", lbuff);
- read_line(ctx, lbuff);
+ do
-+ read_line(ctx, lbuff);
++ read_line(ctx, lbuff, sizeof(lbuff));
+ while(memcmp(lbuff, "M ", 2) == 0);
if (strcmp(lbuff, "ok") != 0)
debug(DEBUG_APPERROR, "cvs_direct: protocol error reading version");
Home |
Main Index |
Thread Index |
Old Index