rpms/sylpheed-claws/FC-3 sylpheed-claws-ldif-buffer-overflow-fix.diff, NONE, 1.1 sylpheed-claws.spec, 1.7, 1.8
Andreas Bierfert (awjb)
fedora-extras-commits at redhat.com
Wed Nov 23 15:35:04 UTC 2005
Author: awjb
Update of /cvs/extras/rpms/sylpheed-claws/FC-3
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv28251
Modified Files:
sylpheed-claws.spec
Added Files:
sylpheed-claws-ldif-buffer-overflow-fix.diff
Log Message:
- fix #173997
sylpheed-claws-ldif-buffer-overflow-fix.diff:
--- NEW FILE sylpheed-claws-ldif-buffer-overflow-fix.diff ---
diff -ru sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/ldif.c sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/ldif.c
--- sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/ldif.c 2005-09-21 19:52:31.000000000 +0200
+++ sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/ldif.c 2005-11-07 19:41:26.000000000 +0100
@@ -306,26 +306,28 @@
static gchar *ldif_get_line( LdifFile *ldifFile ) {
gchar buf[ LDIFBUFSIZE ];
gint ch;
- gchar *ptr;
+ int i = 0;
- if( feof( ldifFile->file ) ) return NULL;
+ if( feof( ldifFile->file ) )
+ return NULL;
- ptr = buf;
- while( TRUE ) {
- *ptr = '\0';
+ while( i < LDIFBUFSIZE-1 ) {
ch = fgetc( ldifFile->file );
if( ch == '\0' || ch == EOF ) {
- if( *buf == '\0' ) return NULL;
+ if( i == 0 ) return NULL;
break;
}
#if HAVE_DOSISH_SYSTEM
#else
- if( ch == '\r' ) continue;
+ if( ch == '\r' )
+ continue;
#endif
- if( ch == '\n' ) break;
- *ptr = ch;
- ptr++;
+ if( ch == '\n' )
+ break;
+ buf[i] = ch;
+ i++;
}
+ buf[i] = '\0';
/* Return a copy of buffer */
return g_strdup( buf );
@@ -483,6 +485,14 @@
fullName = g_strdup_printf( "%s", lastName );
}
}
+
+ if (!fullName || strlen(fullName) == 0) {
+ g_free(fullName);
+ fullName = NULL;
+ if (rec->listCName)
+ fullName = g_strdup(rec->listCName->data);
+ }
+
if( fullName ) {
g_strchug( fullName ); g_strchomp( fullName );
}
@@ -723,7 +733,17 @@
if( lastTag ) {
/* Save record */
fullValue = mgu_list_coalesce( listValue );
-
+ if (fullValue && last64) {
+ gchar *out = g_malloc(strlen(fullValue));
+ int len = 0;
+ if ((len = base64_decode(out, fullValue,
+ strlen(fullValue))) >= 0) {
+ g_free(fullValue);
+ fullValue = out;
+ fullValue[len] = '\0';
+ } else
+ g_free(out);
+ }
/* Base-64 encoded data */
/*
if( last64 ) {
@@ -764,6 +784,17 @@
/* Save data */
fullValue =
mgu_list_coalesce( listValue );
+ if (fullValue && last64) {
+ gchar *out = g_malloc(strlen(fullValue));
+ int len = 0;
+ if ((len = base64_decode(out, fullValue,
+ strlen(fullValue))) >= 0) {
+ g_free(fullValue);
+ fullValue = out;
+ fullValue[len] = '\0';
+ } else
+ g_free(out);
+ }
/* Base-64 encoded data */
/*
if( last64 ) {
@@ -908,7 +939,6 @@
/* Process file */
while( ! flagEOF ) {
gchar *line = ldif_get_line( ldifFile );
-
posCur = ftell( ldifFile->file );
if( ldifFile->cbProgress ) {
/* Call progress indicator */
diff -ru sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/mutt.c sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/mutt.c
--- sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/mutt.c 2005-09-21 19:52:32.000000000 +0200
+++ sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/mutt.c 2005-11-07 11:59:11.000000000 +0100
@@ -159,34 +159,37 @@
static gchar *mutt_get_line( MuttFile *muttFile, gboolean *flagCont ) {
gchar buf[ MUTTBUFSIZE ];
int ch, lch;
- gchar *ptr, *lptr;
+ int i = 0, li = 0;
*flagCont = FALSE;
- if( feof( muttFile->file ) ) return NULL;
+ if( feof( muttFile->file ) )
+ return NULL;
+
+ memset(buf, 0, MUTTBUFSIZE);
- ptr = buf;
lch = '\0';
- lptr = NULL;
- while( TRUE ) {
- *ptr = '\0';
+ while( i < MUTTBUFSIZE-1 ) {
ch = fgetc( muttFile->file );
if( ch == '\0' || ch == EOF ) {
- if( *buf == '\0' ) return NULL;
+ if( i == 0 )
+ return NULL;
break;
}
if( ch == '\n' ) {
if( lch == '\\' ) {
/* Replace backslash with NULL */
- if( lptr ) *lptr = '\0';
+ if( li != 0 )
+ buf[li] = '\0';
*flagCont = TRUE;
}
break;
}
- *ptr = ch;
- lptr = ptr;
+ buf[i] = ch;
+ li = i;
lch = ch;
- ptr++;
+ i++;
}
+ buf[i]='\0';
/* Copy into private buffer */
return g_strdup( buf );
diff -ru sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/pine.c sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/pine.c
--- sylpheed-claws-1.9.99/work/sylpheed-claws-1.9.99/src/pine.c 2005-09-21 19:52:32.000000000 +0200
+++ sylpheed-claws-1.9.100/work/sylpheed-claws-1.9.100/src/pine.c 2005-11-07 11:59:11.000000000 +0100
@@ -163,31 +163,32 @@
*/
static gchar *pine_read_line( PineFile *pineFile ) {
gchar buf[ PINEBUFSIZE ];
- int c;
+ int c, i = 0;
gchar ch;
- gchar *ptr;
- if( feof( pineFile->file ) ) return NULL;
+ if( feof( pineFile->file ) )
+ return NULL;
- ptr = buf;
- while( TRUE ) {
- *ptr = '\0';
+ while( i < PINEBUFSIZE-1 ) {
c = fgetc( pineFile->file );
if( c == EOF ) {
- if( *buf == '\0' ) return NULL;
+ if( i == 0 )
+ return NULL;
break;
}
ch = (gchar) c;
if( ch == '\0' ) {
- if( *buf == '\0' ) return NULL;
+ if( i == 0 )
+ return NULL;
break;
}
if( ch == '\n' ) {
break;
}
- *ptr = ch;
- ptr++;
+ buf[i] = ch;
+ i++;
}
+ buf[i] = '\0';
/* Copy into private buffer */
return g_strdup( buf );
Index: sylpheed-claws.spec
===================================================================
RCS file: /cvs/extras/rpms/sylpheed-claws/FC-3/sylpheed-claws.spec,v
retrieving revision 1.7
retrieving revision 1.8
diff -u -r1.7 -r1.8
--- sylpheed-claws.spec 7 Jul 2005 10:32:07 -0000 1.7
+++ sylpheed-claws.spec 23 Nov 2005 15:35:02 -0000 1.8
@@ -2,13 +2,16 @@
Name: sylpheed-claws
Version: 1.0.5
-Release: 1
+Release: 2
Epoch: 0
Summary: The bleeding edge branch of Sylpheed
Group: Applications/Internet
License: GPL
URL: http://claws.sylpheed.org
Source0: http://dl.sourceforge.net/sylpheed-claws/sylpheed-claws-1.0.5.tar.bz2
+#CVE-2005-3354
+# from gentoo http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/mail-client/sylpheed-claws/files/ldif-buffer-overflow-fix.diff
+Patch0: sylpheed-claws-ldif-buffer-overflow-fix.diff
Source1: sylpheed.desktop
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root
BuildRequires: flex, bison
@@ -45,6 +48,7 @@
%prep
%setup
+%patch0 -p3
%build
%if %openssl_pc
@@ -108,6 +112,10 @@
%{_libdir}/pkgconfig/sylpheed-claws.pc
%changelog
+* Wed Nov 23 2005 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
+0:1.0.5-2
+- fix #173997 (CVE-2005-3354)
+
* Thu Jul 07 2005 Andreas Bierfert <andreas.bierfert[AT]lowlatency.de>
0:1.0.5-1
- Version upgrade
More information about the fedora-extras-commits
mailing list