OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-src Date: 12-Mar-2004 15:05:32
Branch: OPENPKG_1_3_SOLID Handle: 2004031214053200
Added files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/uudeview uudeview.patch
Modified files: (Branch: OPENPKG_1_3_SOLID)
openpkg-src/uudeview uudeview.spec
Log:
MFC: mkstemp security enhancement; OpenPKG-SA-2004.006 backport of
bugfixes from diff 0.5.18/ 0.5.20/ including two fixes for buffer
overflows
Summary:
Revision Changes Path
1.2.4.1 +230 -0 openpkg-src/uudeview/uudeview.patch
1.22.2.2.2.2+3 -1 openpkg-src/uudeview/uudeview.spec
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-src/uudeview/uudeview.patch
============================================================================
$ cvs diff -u -r0 -r1.2.4.1 uudeview.patch
--- /dev/null 2004-03-12 15:05:32.000000000 +0100
+++ uudeview.patch 2004-03-12 15:05:32.000000000 +0100
@@ -0,0 +1,230 @@
+mkstemp security enhancement. Similar to
+FreeBSD http://www.freebsd.org/cgi/query-pr.cgi?pr=41508
+SuSE uudeview-0.5.18-244.src.rpm
+
+--- unix/uudeview.c
++++ unix/uudeview.c
+@@ -434,7 +434,7 @@
+ return 0;
+ }
+
+- if ((stdfile = tempnam (NULL, "uu")) == NULL) {
++ if ((stdfile = _FP_tempnam (NULL, "uu")) == NULL) {
+ fprintf (stderr, "proc_stdin: cannot get temporary file\n");
+ return 0;
+ }
+
+--- uulib/fptools.c
++++ uulib/fptools.c
+@@ -507,5 +507,15 @@
+ char * TOOLEXPORT
+ _FP_tempnam (char *dir, char *pfx)
+ {
+- return _FP_strdup (tmpnam (NULL));
++ int fd;
++ char fileName[100];
++
++ strncpy(fileName, pfx, 90);
++ strcat(fileName, "XXXXXX");
++ fd = mkstemp(fileName);
++ if (fd == -1)
++ return NULL;
++ close(fd);
++ unlink(fileName);
++ return _FP_strdup (fileName);
+ }
+
+--- uulib/uunconc.c
++++ uulib/uunconc.c
+@@ -1264,7 +1264,7 @@
+ else
+ mode = "wb"; /* otherwise in binary */
+
+- if ((data->binfile = tempnam (NULL, "uu")) == NULL) {
++ if ((data->binfile = _FP_tempnam (NULL, "uu")) == NULL) {
+ UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
+ uustring (S_NO_TEMP_NAME));
+ return UURET_NOMEM;
+@@ -1426,7 +1426,7 @@
+ */
+
+ if (data->uudet == BH_ENCODED && data->binfile) {
+- if ((ntmp = tempnam (NULL, "uu")) == NULL) {
++ if ((ntmp = _FP_tempnam (NULL, "uu")) == NULL) {
+ UUMessage (uunconc_id, __LINE__, UUMSG_ERROR,
+ uustring (S_NO_TEMP_NAME));
+ progress.action = 0;
+
+--- uulib/fptools.c 2001-06-06 20:21:47.000000000 +0200
++++ uulib/fptools.c 2003-04-13 17:41:55.000000000 +0200
+@@ -392,7 +392,7 @@
+ {
+ char *ptr;
+
+- if (string == NULL)
++ if (string == NULL || !*string)
+ return NULL;
+
+ ptr = string + strlen (string) - 1;
+
+--- uulib/uunconc.c 2002-04-02 12:04:52.000000000 +0200
++++ uulib/uunconc.c 2003-09-30 01:17:35.000000000 +0200
+@@ -541,6 +541,8 @@
+
+ while (vflag == 0 && nflag && safety--) {
+ if (nflag == 1) { /* need next line to repair */
++ if (strlen (line) > 250)
++ break;
+ ptr = line + strlen (line);
+ while (ptr>line && (*(ptr-1)=='\015' || *(ptr-1)=='\012'))
+ ptr--;
+@@ -1336,7 +1401,7 @@
+
+ iter = data->thisfile;
+ while (iter) {
+- if (part != -1 && iter->partno != part+1)
++ if (part != -1 && iter->partno != part+1 && !uu_desperate)
+ break;
+ else
+ part = iter->partno;
+
+--- uulib/uuscan.c 2002-04-02 12:04:52.000000000 +0200
++++ uulib/uuscan.c 2003-07-06 20:29:35.000000000 +0200
+@@ -855,7 +937,7 @@
+
+ if (strncmp (line, "=ybegin ", 8) == 0 &&
+ _FP_strstr (line, " name=") != NULL) {
+- if ((result->begin || result->end) && !uu_more_mime) {
++ if ((result->begin || result->end || result->uudet) && !uu_more_mime) {
+ fseek (datei, oldposition, SEEK_SET);
+ break;
+ }
+@@ -928,8 +928,7 @@
+ if (yepartends == 0 || yepartends >= yefilesize) {
+ result->end = 1;
+ }
+- if (!uu_more_mime)
+- break;
++ continue;
+ }
+
+ /*
+@@ -1402,9 +1504,9 @@
+ if (UUBUSYPOLL(ftell(datei),progress.fsize)) SPCANCEL();
+ if (_FP_fgets (line, 255, datei) == NULL)
+ break;
++ line[255] = '\0';
+ if (!IsLineEmpty (line)) {
+ fseek (datei, preheaders, SEEK_SET);
+- line[255] = '\0';
+ break;
+ }
+ preheaders = ftell (datei);
+
+http://www.fpx.de/fp/Software/UUDeview/HISTORY.txt
+ 0.5.20 (01.03.2004)
+ --------
+ - fix fgets to accept lines that are exactly of the maximum length [uunconc.c,
uuscan.c]
+ - fix two buffer overflows [uuscan.c@@391, fptools.c]
+
+diff --unified=3 uudeview-0.5.19/uulib/fptools.c uudeview-0.5.20/uulib/fptools.c
+--- uulib/fptools.c 1.7 2003-04-13 17:41:55.000000000 +0200
++++ uulib/fptools.c 1.8 2004-02-24 01:05:32.000000000 +0100
+@@ -444,7 +444,7 @@
+ if (feof (stream))
+ return NULL;
+
+- while (--n) {
++ while (--n && !feof (stream)) {
+ if ((c = fgetc (stream)) == EOF) {
+ if (ferror (stream))
+ return NULL;
+@@ -478,11 +478,28 @@
+ */
+ *buf++ = c;
+ }
++
+ /*
+ * n-1 characters already transferred
+ */
++
+ *buf = '\0';
+
++ /*
++ * If a line break is coming up, read it
++ */
++
++ if (!feof (stream)) {
++ if ((c = fgetc (stream)) == '\015' && !feof (stream)) {
++ if ((c = fgetc (stream)) != '\012' && !feof (stream)) {
++ ungetc (c, stream);
++ }
++ }
++ else if (c != '\012' && !feof (stream)) {
++ ungetc (c, stream);
++ }
++ }
++
+ return obp;
+ }
+
+diff --unified=3 uudeview-0.5.19/uulib/uunconc.c uudeview-0.5.20/uulib/uunconc.c
+--- uulib/uunconc.c 1.36 2003-09-30 01:17:35.000000000 +0200
++++ uulib/uunconc.c 1.38 2004-03-01 23:52:27.000000000 +0100
+@@ -1004,7 +1004,7 @@
+ while (!feof (datain) && *state != DONE &&
+ (ftell(datain)<maxpos || flags&FL_TOEND || maxpos==-1 ||
+ (!(flags&FL_PROPER) && uu_fast_scanning))) {
+- if (_FP_fgets (line, 299, datain) == NULL)
++ if (_FP_fgets (line, 255, datain) == NULL)
+ break;
+
+ if (ferror (datain)) {
+@@ -1046,7 +1046,7 @@
+ * try to make sense of data
+ */
+
+- line[299] = '\0'; /* For Safety of string functions */
++ line[255] = '\0'; /* For Safety of string functions */
+ count = 0;
+
+ if (boundary && line[0]=='-' && line[1]=='-' &&
+@@ -1113,7 +1113,7 @@
+ }
+
+ if (_FP_strstr (line, " part=") != NULL) {
+- if (_FP_fgets (line, 299, datain) == NULL) {
++ if (_FP_fgets (line, 255, datain) == NULL) {
+ break;
+ }
+
+--- uulib/uuscan.c 2002-04-02 12:04:52.000000000 +0200
++++ uulib/uuscan.c 2003-07-06 20:29:35.000000000 +0200
+@@ -310,8 +310,10 @@
+ *attribute != '\\' &&*attribute != '"' &&
+ *attribute != '/' && *attribute != '[' &&
+ *attribute != ']' && *attribute != '?' &&
+- *attribute != '=' && length < 255)
++ *attribute != '=' && length < 255) {
+ *ptr++ = *attribute++;
++ length++;
++ }
+
+ *ptr = '\0';
+ }
+@@ -547,12 +547,12 @@
+
+ while (!feof (datei)) {
+ oldposition = ftell (datei);
+- if (_FP_fgets (line, 299, datei) == NULL)
++ if (_FP_fgets (line, 255, datei) == NULL)
+ break;
+ if (ferror (datei))
+ break;
+
+- line[299] = '\0'; /* For Safety of string functions */
++ line[255] = '\0'; /* For Safety of string functions */
+
+ /*
+ * Make Busy Polls
+
@@ .
patch -p0 <<'@@ .'
Index: openpkg-src/uudeview/uudeview.spec
============================================================================
$ cvs diff -u -r1.22.2.2.2.1 -r1.22.2.2.2.2 uudeview.spec
--- openpkg-src/uudeview/uudeview.spec 29 Jul 2003 15:02:10 -0000
1.22.2.2.2.1
+++ openpkg-src/uudeview/uudeview.spec 12 Mar 2004 14:05:32 -0000
1.22.2.2.2.2
@@ -33,10 +33,11 @@
Group: Converter
License: GPL
Version: 0.5.18
-Release: 1.3.0
+Release: 1.3.1
# list of sources
Source0:
http://www.fpx.de/fp/Software/UUDeview/download/uudeview-%{version}.tar.gz
+Patch0: uudeview.patch
# build information
Prefix: %{l_prefix}
@@ -57,6 +58,7 @@
%prep
%setup -q
+ %patch -p0
%build
CC="%{l_cc}" \
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]
