pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/pkgtools/pkg_select
Module Name: pkgsrc
Committed By: maya
Date: Fri Dec 29 17:55:13 UTC 2017
Modified Files:
pkgsrc/pkgtools/pkg_select: Makefile distinfo
Added Files:
pkgsrc/pkgtools/pkg_select/patches: patch-file.c patch-tools.h
Log Message:
pkg_select: fix buffer overflow
expanding the macro with ++len for size meant our memset to zero was
one bigger than the above allocated size.
while here simplify the problematic macro - malloc+memset zero is calloc.
bump pkgrevision
To generate a diff of this commit:
cvs rdiff -u -r1.25 -r1.26 pkgsrc/pkgtools/pkg_select/Makefile
cvs rdiff -u -r1.11 -r1.12 pkgsrc/pkgtools/pkg_select/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/pkgtools/pkg_select/patches/patch-file.c \
pkgsrc/pkgtools/pkg_select/patches/patch-tools.h
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/pkgtools/pkg_select/Makefile
diff -u pkgsrc/pkgtools/pkg_select/Makefile:1.25 pkgsrc/pkgtools/pkg_select/Makefile:1.26
--- pkgsrc/pkgtools/pkg_select/Makefile:1.25 Fri Dec 29 11:59:13 2017
+++ pkgsrc/pkgtools/pkg_select/Makefile Fri Dec 29 17:55:13 2017
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.25 2017/12/29 11:59:13 plunky Exp $
+# $NetBSD: Makefile,v 1.26 2017/12/29 17:55:13 maya Exp $
#
DISTNAME= pkg_select-20090308
-PKGREVISION= 7
+PKGREVISION= 8
CATEGORIES= pkgtools
MASTER_SITES= ftp://ftp.NetBSD.org/pub/NetBSD/misc/imil/
Index: pkgsrc/pkgtools/pkg_select/distinfo
diff -u pkgsrc/pkgtools/pkg_select/distinfo:1.11 pkgsrc/pkgtools/pkg_select/distinfo:1.12
--- pkgsrc/pkgtools/pkg_select/distinfo:1.11 Fri Dec 29 11:59:13 2017
+++ pkgsrc/pkgtools/pkg_select/distinfo Fri Dec 29 17:55:13 2017
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.11 2017/12/29 11:59:13 plunky Exp $
+$NetBSD: distinfo,v 1.12 2017/12/29 17:55:13 maya Exp $
SHA1 (pkg_select-20090308.tar.gz) = f4a4f40927631d16ee563671ce98e69843382c93
RMD160 (pkg_select-20090308.tar.gz) = d265f8e18ee4500e2ac34ba2d105acff28cc7e91
@@ -6,9 +6,11 @@ SHA512 (pkg_select-20090308.tar.gz) = 77
Size (pkg_select-20090308.tar.gz) = 54637 bytes
SHA1 (patch-curses__helpers.c) = fa30914f4a9b147c433fcb32249d2b773a5e2604
SHA1 (patch-extern.h) = e1248f7180a76ec8f623719037cf5306b8de573b
+SHA1 (patch-file.c) = ad32f135386b8c4be140305ccade97f6220f168d
SHA1 (patch-install__many.c) = 24a39faaab697a84103311f0fc28c2670e201bbe
SHA1 (patch-listmgt.c) = d27477fd0ce46a9c8ad6a86818dd9f018557459a
SHA1 (patch-live.c) = b821986e8da22cd53b6c95975cd36abafbeda453
SHA1 (patch-more.c) = 0a8c4440a085edfae7f8f4832cdbb7878e3bf85b
SHA1 (patch-pkg__info.c) = d6c1f93461c91cfe44a9659d7197406c9c47d890
SHA1 (patch-pkgsrc.c) = df0b6c9633e75bc784ec34e88ec4201426d66464
+SHA1 (patch-tools.h) = add83ba82a5aa96c0805348e767bc0fffc2f9e0b
Added files:
Index: pkgsrc/pkgtools/pkg_select/patches/patch-file.c
diff -u /dev/null pkgsrc/pkgtools/pkg_select/patches/patch-file.c:1.1
--- /dev/null Fri Dec 29 17:55:13 2017
+++ pkgsrc/pkgtools/pkg_select/patches/patch-file.c Fri Dec 29 17:55:13 2017
@@ -0,0 +1,17 @@
+$NetBSD: patch-file.c,v 1.1 2017/12/29 17:55:13 maya Exp $
+
+Avoid buffer overflow from magical side effecting macro expansion
+
+--- file.c.orig 2009-03-08 14:25:53.000000000 +0000
++++ file.c
+@@ -156,7 +156,9 @@ loadfile(const char *path)
+ if (len == 0)
+ return(NULL);
+
+- XMALLOC(lfile, ++len * sizeof(char *));
++ ++len;
++
++ XMALLOC(lfile, len * sizeof(char *));
+
+ for (i = 0; i < len; i++)
+ lfile[i] = NULL;
Index: pkgsrc/pkgtools/pkg_select/patches/patch-tools.h
diff -u /dev/null pkgsrc/pkgtools/pkg_select/patches/patch-tools.h:1.1
--- /dev/null Fri Dec 29 17:55:13 2017
+++ pkgsrc/pkgtools/pkg_select/patches/patch-tools.h Fri Dec 29 17:55:13 2017
@@ -0,0 +1,18 @@
+$NetBSD: patch-tools.h,v 1.1 2017/12/29 17:55:13 maya Exp $
+
+malloc+memset to calloc
+
+--- tools.h.orig 2009-03-08 14:25:53.000000000 +0000
++++ tools.h
+@@ -74,10 +74,9 @@
+
+ #define XMALLOC(elm, size) \
+ do { \
+- elm = malloc(size); \
++ elm = calloc(1, size); \
+ if (elm == NULL) \
+ err(1, "can't allocate memory\n"); \
+- memset(elm, 0, size); \
+ } while (/* CONSTCOND */ 0)
+
+ #define XSTRDUP(dest, src) \
Home |
Main Index |
Thread Index |
Old Index