OpenPKG CVS Repository http://cvs.openpkg.org/ ____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer Root: /e/openpkg/cvs Email: [EMAIL PROTECTED] Module: openpkg-src Date: 12-Mar-2004 15:05:32 Branch: OPENPKG_1_3_SOLID Handle: 2004031214053200 Added files: (Branch: OPENPKG_1_3_SOLID) openpkg-src/uudeview uudeview.patch Modified files: (Branch: OPENPKG_1_3_SOLID) openpkg-src/uudeview uudeview.spec Log: MFC: mkstemp security enhancement; OpenPKG-SA-2004.006 backport of bugfixes from diff 0.5.18/ 0.5.20/ including two fixes for buffer overflows Summary: Revision Changes Path 1.2.4.1 +230 -0 openpkg-src/uudeview/uudeview.patch 1.22.2.2.2.2+3 -1 openpkg-src/uudeview/uudeview.spec ____________________________________________________________________________ patch -p0 <<'@@ .' Index: openpkg-src/uudeview/uudeview.patch ============================================================================ $ cvs diff -u -r0 -r1.2.4.1 uudeview.patch --- /dev/null 2004-03-12 15:05:32.000000000 +0100 +++ uudeview.patch 2004-03-12 15:05:32.000000000 +0100 @@ -0,0 +1,230 @@ +mkstemp security enhancement. Similar to +FreeBSD http://www.freebsd.org/cgi/query-pr.cgi?pr=41508 +SuSE uudeview-0.5.18-244.src.rpm + +--- unix/uudeview.c ++++ unix/uudeview.c +@@ -434,7 +434,7 @@ + return 0; + } + +- if ((stdfile = tempnam (NULL, "uu")) == NULL) { ++ if ((stdfile = _FP_tempnam (NULL, "uu")) == NULL) { + fprintf (stderr, "proc_stdin: cannot get temporary file\n"); + return 0; + } + +--- uulib/fptools.c ++++ uulib/fptools.c +@@ -507,5 +507,15 @@ + char * TOOLEXPORT + _FP_tempnam (char *dir, char *pfx) + { +- return _FP_strdup (tmpnam (NULL)); ++ int fd; ++ char fileName[100]; ++ ++ strncpy(fileName, pfx, 90); ++ strcat(fileName, "XXXXXX"); ++ fd = mkstemp(fileName); ++ if (fd == -1) ++ return NULL; ++ close(fd); ++ unlink(fileName); ++ return _FP_strdup (fileName); + } + +--- uulib/uunconc.c ++++ uulib/uunconc.c +@@ -1264,7 +1264,7 @@ + else + mode = "wb"; /* otherwise in binary */ + +- if ((data->binfile = tempnam (NULL, "uu")) == NULL) { ++ if ((data->binfile = _FP_tempnam (NULL, "uu")) == NULL) { + UUMessage (uunconc_id, __LINE__, UUMSG_ERROR, + uustring (S_NO_TEMP_NAME)); + return UURET_NOMEM; +@@ -1426,7 +1426,7 @@ + */ + + if (data->uudet == BH_ENCODED && data->binfile) { +- if ((ntmp = tempnam (NULL, "uu")) == NULL) { ++ if ((ntmp = _FP_tempnam (NULL, "uu")) == NULL) { + UUMessage (uunconc_id, __LINE__, UUMSG_ERROR, + uustring (S_NO_TEMP_NAME)); + progress.action = 0; + +--- uulib/fptools.c 2001-06-06 20:21:47.000000000 +0200 ++++ uulib/fptools.c 2003-04-13 17:41:55.000000000 +0200 +@@ -392,7 +392,7 @@ + { + char *ptr; + +- if (string == NULL) ++ if (string == NULL || !*string) + return NULL; + + ptr = string + strlen (string) - 1; + +--- uulib/uunconc.c 2002-04-02 12:04:52.000000000 +0200 ++++ uulib/uunconc.c 2003-09-30 01:17:35.000000000 +0200 +@@ -541,6 +541,8 @@ + + while (vflag == 0 && nflag && safety--) { + if (nflag == 1) { /* need next line to repair */ ++ if (strlen (line) > 250) ++ break; + ptr = line + strlen (line); + while (ptr>line && (*(ptr-1)=='\015' || *(ptr-1)=='\012')) + ptr--; +@@ -1336,7 +1401,7 @@ + + iter = data->thisfile; + while (iter) { +- if (part != -1 && iter->partno != part+1) ++ if (part != -1 && iter->partno != part+1 && !uu_desperate) + break; + else + part = iter->partno; + +--- uulib/uuscan.c 2002-04-02 12:04:52.000000000 +0200 ++++ uulib/uuscan.c 2003-07-06 20:29:35.000000000 +0200 +@@ -855,7 +937,7 @@ + + if (strncmp (line, "=ybegin ", 8) == 0 && + _FP_strstr (line, " name=") != NULL) { +- if ((result->begin || result->end) && !uu_more_mime) { ++ if ((result->begin || result->end || result->uudet) && !uu_more_mime) { + fseek (datei, oldposition, SEEK_SET); + break; + } +@@ -928,8 +928,7 @@ + if (yepartends == 0 || yepartends >= yefilesize) { + result->end = 1; + } +- if (!uu_more_mime) +- break; ++ continue; + } + + /* +@@ -1402,9 +1504,9 @@ + if (UUBUSYPOLL(ftell(datei),progress.fsize)) SPCANCEL(); + if (_FP_fgets (line, 255, datei) == NULL) + break; ++ line[255] = '\0'; + if (!IsLineEmpty (line)) { + fseek (datei, preheaders, SEEK_SET); +- line[255] = '\0'; + break; + } + preheaders = ftell (datei); + +http://www.fpx.de/fp/Software/UUDeview/HISTORY.txt + 0.5.20 (01.03.2004) + -------- + - fix fgets to accept lines that are exactly of the maximum length [uunconc.c, uuscan.c] + - fix two buffer overflows [uuscan.c@@391, fptools.c] + +diff --unified=3 uudeview-0.5.19/uulib/fptools.c uudeview-0.5.20/uulib/fptools.c +--- uulib/fptools.c 1.7 2003-04-13 17:41:55.000000000 +0200 ++++ uulib/fptools.c 1.8 2004-02-24 01:05:32.000000000 +0100 +@@ -444,7 +444,7 @@ + if (feof (stream)) + return NULL; + +- while (--n) { ++ while (--n && !feof (stream)) { + if ((c = fgetc (stream)) == EOF) { + if (ferror (stream)) + return NULL; +@@ -478,11 +478,28 @@ + */ + *buf++ = c; + } ++ + /* + * n-1 characters already transferred + */ ++ + *buf = '\0'; + ++ /* ++ * If a line break is coming up, read it ++ */ ++ ++ if (!feof (stream)) { ++ if ((c = fgetc (stream)) == '\015' && !feof (stream)) { ++ if ((c = fgetc (stream)) != '\012' && !feof (stream)) { ++ ungetc (c, stream); ++ } ++ } ++ else if (c != '\012' && !feof (stream)) { ++ ungetc (c, stream); ++ } ++ } ++ + return obp; + } + +diff --unified=3 uudeview-0.5.19/uulib/uunconc.c uudeview-0.5.20/uulib/uunconc.c +--- uulib/uunconc.c 1.36 2003-09-30 01:17:35.000000000 +0200 ++++ uulib/uunconc.c 1.38 2004-03-01 23:52:27.000000000 +0100 +@@ -1004,7 +1004,7 @@ + while (!feof (datain) && *state != DONE && + (ftell(datain)<maxpos || flags&FL_TOEND || maxpos==-1 || + (!(flags&FL_PROPER) && uu_fast_scanning))) { +- if (_FP_fgets (line, 299, datain) == NULL) ++ if (_FP_fgets (line, 255, datain) == NULL) + break; + + if (ferror (datain)) { +@@ -1046,7 +1046,7 @@ + * try to make sense of data + */ + +- line[299] = '\0'; /* For Safety of string functions */ ++ line[255] = '\0'; /* For Safety of string functions */ + count = 0; + + if (boundary && line[0]=='-' && line[1]=='-' && +@@ -1113,7 +1113,7 @@ + } + + if (_FP_strstr (line, " part=") != NULL) { +- if (_FP_fgets (line, 299, datain) == NULL) { ++ if (_FP_fgets (line, 255, datain) == NULL) { + break; + } + +--- uulib/uuscan.c 2002-04-02 12:04:52.000000000 +0200 ++++ uulib/uuscan.c 2003-07-06 20:29:35.000000000 +0200 +@@ -310,8 +310,10 @@ + *attribute != '\\' &&*attribute != '"' && + *attribute != '/' && *attribute != '[' && + *attribute != ']' && *attribute != '?' && +- *attribute != '=' && length < 255) ++ *attribute != '=' && length < 255) { + *ptr++ = *attribute++; ++ length++; ++ } + + *ptr = '\0'; + } +@@ -547,12 +547,12 @@ + + while (!feof (datei)) { + oldposition = ftell (datei); +- if (_FP_fgets (line, 299, datei) == NULL) ++ if (_FP_fgets (line, 255, datei) == NULL) + break; + if (ferror (datei)) + break; + +- line[299] = '\0'; /* For Safety of string functions */ ++ line[255] = '\0'; /* For Safety of string functions */ + + /* + * Make Busy Polls + @@ . patch -p0 <<'@@ .' Index: openpkg-src/uudeview/uudeview.spec ============================================================================ $ cvs diff -u -r1.22.2.2.2.1 -r1.22.2.2.2.2 uudeview.spec --- openpkg-src/uudeview/uudeview.spec 29 Jul 2003 15:02:10 -0000 1.22.2.2.2.1 +++ openpkg-src/uudeview/uudeview.spec 12 Mar 2004 14:05:32 -0000 1.22.2.2.2.2 @@ -33,10 +33,11 @@ Group: Converter License: GPL Version: 0.5.18 -Release: 1.3.0 +Release: 1.3.1 # list of sources Source0: http://www.fpx.de/fp/Software/UUDeview/download/uudeview-%{version}.tar.gz +Patch0: uudeview.patch # build information Prefix: %{l_prefix} @@ -57,6 +58,7 @@ %prep %setup -q + %patch -p0 %build CC="%{l_cc}" \ @@ . ______________________________________________________________________ The OpenPKG Project www.openpkg.org CVS Repository Commit List [EMAIL PROTECTED]