rpms/sharutils/FC-3 sharutils-4.2.1-sec.patch, NONE, 1.1 sharutils.spec, 1.13, 1.14 sharutils.patch, 1.1, NONE

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Wed Mar 30 23:09:27 UTC 2005


Update of /cvs/dist/rpms/sharutils/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv25331

Modified Files:
	sharutils.spec 
Added Files:
	sharutils-4.2.1-sec.patch 
Removed Files:
	sharutils.patch 
Log Message:
apply patch to fix multiple buffer overflows #152574


sharutils-4.2.1-sec.patch:
 shar.c   |    6 +++---
 unshar.c |   20 ++++++++++----------
 2 files changed, 13 insertions(+), 13 deletions(-)

--- NEW FILE sharutils-4.2.1-sec.patch ---
diff -Naur ./sharutils-4.2.1/src/shar.c ./sharutils-4.2.1_new/src/shar.c
--- sharutils-4.2.1.old/src/shar.c	1999-09-10 21:20:41.000000000 +0200
+++ sharutils-4.2.1/src/shar.c	2004-09-29 15:09:40.790061000 +0200
@@ -1571,7 +1571,7 @@
 	  sprintf (command, "%s '%s'", CHARACTER_COUNT_COMMAND, local_name);
 	  if (pfp = popen (command, "r"), pfp)
 	    {
-	      char wc[BUFSIZ];
+		char wc[BUFSIZ], tempform[50];      
 	      const char *prefix = "";
 
 	      if (did_md5)
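Review bot: The new declaration line is indented with two tabs and carries trailing whitespace, while the surrounding block (`const char *prefix = "";`, `if (did_md5)`) uses a tab followed by six spaces; the two inserted lines in the next hunk (`sprintf (tempform, ...)` and `fscanf (pfp, tempform, wc)`) have the same single-tab mismatch. Re-indenting the three added lines to the block's existing depth keeps the function readable and the diff minimal. A short comment on the declaration, such as `/* tempform holds a "%<BUFSIZ-1>s" spec so fscanf cannot overrun wc */`, would explain why a runtime-built format string is needed at all. The 50-byte `tempform` is ample for that spec.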
@@ -1579,8 +1579,8 @@
 		  fputs ("  else\n", output);
 		  prefix = "  ";
 		}
-
-	      fscanf (pfp, "%s", wc);
+	sprintf (tempform, "%%%ds", BUFSIZ - 1);
+	fscanf (pfp, tempform, wc);
 	      fprintf (output, "\
 %s  shar_count=\"`%s '%s'`\"\n\
 %s  test %s -eq \"$shar_count\" ||\n\
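Review bot: The return value of the new `fscanf (pfp, tempform, wc);` is not checked and `wc` is never initialized, so if the character-count command writes nothing (for example it was not found and the shell printed only an error), `wc` is left indeterminate when the following `fprintf` — which continues past the end of the hunk and presumably prints `wc` into the generated script — reads it. The width-bounded format itself is correct: `"%%%ds"` with `BUFSIZ - 1` produces `%<BUFSIZ-1>s`, which leaves room for the terminator and fits easily in `tempform[50]`. Something like `if (fscanf (pfp, tempform, wc) != 1) wc[0] = '\0';` at least makes the failure deterministic; better still, treat it as an error, since the emitted `test %s -eq "$shar_count"` check is meaningless without a count.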
diff -Naur ./sharutils-4.2.1/src/unshar.c ./sharutils-4.2.1_new/src/unshar.c
--- sharutils-4.2.1.old/src/unshar.c	1995-11-21 17:22:14.000000000 +0100
+++ sharutils-4.2.1/src/unshar.c	2004-09-29 15:09:44.682469264 +0200
@@ -346,8 +346,8 @@
 {
   size_t size_read;
   FILE *file;
-  char name_buffer[NAME_BUFFER_SIZE];
-  char copy_buffer[NAME_BUFFER_SIZE];
+  char name_buffer[NAME_BUFFER_SIZE] = {'\0'};
+  char copy_buffer[NAME_BUFFER_SIZE] = {'\0'};
   int optchar;
 
   program_name = argv[0];
@@ -409,14 +409,14 @@
   if (optind < argc)
     for (; optind < argc; optind++)
       {
-	if (argv[optind][0] == '/')
-	  stpcpy (name_buffer, argv[optind]);
-	else
-	  {
-	    char *cp = stpcpy (name_buffer, current_directory);
-	    *cp++ = '/';
-	    stpcpy (cp, argv[optind]);
-	  }
+	if (argv[optind][0] == '/') {
+		strncpy (name_buffer, argv[optind], sizeof(name_buffer));
+		name_buffer[sizeof(name_buffer)-1] = '\0';
+	}
+	else {
+		snprintf(name_buffer, sizeof(name_buffer),"%s/%s", current_directory, argv[optind]);
+		name_buffer[sizeof(name_buffer)-1] = '\0';
+	}
 	if (file = fopen (name_buffer, "r"), !file)
 	  error (EXIT_FAILURE, errno, name_buffer);
 	unarchive_shar_file (name_buffer, file);
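Review bot: Both new branches silently truncate a name longer than `NAME_BUFFER_SIZE` — `strncpy` plus the manual terminator in the first, `snprintf` in the second — so an over-long argument no longer overflows the buffer but is instead `fopen`ed under a different, shortened path, and the unchanged `error (EXIT_FAILURE, errno, name_buffer)` then reports that shortened name (and passes it as the format string, which `"%s", name_buffer` would avoid). The `name_buffer[sizeof(name_buffer)-1] = '\0';` after `snprintf` is redundant, because `snprintf` always terminates the output when the size is non-zero. Checking the `snprintf` result and rejecting the argument, as below, turns silent truncation into a reported error and collapses the two branches into one. The enclosing function starts and ends outside the hunk.
```c
	int name_len = argv[optind][0] == '/'
	  ? snprintf (name_buffer, sizeof name_buffer, "%s", argv[optind])
	  : snprintf (name_buffer, sizeof name_buffer, "%s/%s", current_directory, argv[optind]);
	if (name_len < 0 || (size_t) name_len >= sizeof name_buffer)
	  error (EXIT_FAILURE, 0, "%s: file name too long", argv[optind]);
	/* … unchanged: fopen / unarchive_shar_file … */
```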



Index: sharutils.spec
===================================================================
RCS file: /cvs/dist/rpms/sharutils/FC-3/sharutils.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- sharutils.spec	1 Oct 2004 14:47:57 -0000	1.13
+++ sharutils.spec	30 Mar 2005 23:09:25 -0000	1.14
@@ -1,7 +1,7 @@
 Summary: The GNU shar utilities for packaging and unpackaging shell archives.
 Name: sharutils
 Version: 4.2.1
-Release: 22
+Release: 22.1.FC3
 License: GPL
 Group: Applications/Archiving
 Source: ftp://prep.ai.mit.edu/pub/gnu/sharutils/sharutils-%{version}.tar.gz
@@ -13,7 +13,7 @@
 Patch6: sharutils-4.2.1-mktemp.patch
 Patch7: sharutils-4.2.1-uudecode.patch
 Patch8: sharutils-opto.dif
-Patch9: sharutils.patch
+Patch9: sharutils-4.2.1-sec.patch
 BuildRequires: gettext
 Prereq: /sbin/install-info
 Buildroot: %{_tmppath}/%{name}-root
@@ -43,7 +43,7 @@
 %patch6 -p1
 %patch7 -p1
 %patch8 -p0 -b .ooption
-%patch9 -p0
+%patch9 -p1
 
 %build
 %configure
@@ -79,6 +79,9 @@
 %{_mandir}/*/*
 
 %changelog
+* Thu Mar 31 2005 Than Ngo <than at redhat.com> 4.2.1-22.1.FC3
+- apply patch to fix multiple buffer overflows #152574
+
 * Fri Oct 01 2004 Than Ngo <than at redhat.com> 4.2.1-22
 - fix buffer overflow in shar, (from Ulf Harnhammer)
 


--- sharutils.patch DELETED ---



