rpms/nedit/devel nedit-5.5-security.patch, NONE, 1.1 nedit.spec, 1.18, 1.19 nedit-5.4-security.patch, 1.1, NONE
Jindrich Novy
jnovy at fedoraproject.org
Fri Sep 26 07:40:26 UTC 2008
Author: jnovy
Update of /cvs/pkgs/rpms/nedit/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv23502
Modified Files:
nedit.spec
Added Files:
nedit-5.5-security.patch
Removed Files:
nedit-5.4-security.patch
Log Message:
* Fri Sep 26 2008 Jindrich Novy <jnovy at redhat.com> 5.5-19
- rediff security patch to be applicable with zero fuzz
nedit-5.5-security.patch:
--- NEW FILE nedit-5.5-security.patch ---
diff -up nedit-5.5/source/file.c.orig nedit-5.5/source/file.c
--- nedit-5.5/source/file.c.orig 2004-08-24 11:37:24.000000000 +0200
+++ nedit-5.5/source/file.c 2008-09-26 09:33:53.000000000 +0200
@@ -1314,7 +1314,7 @@ void PrintWindow(WindowInfo *window, int
*/
void PrintString(const char *string, int length, Widget parent, const char *jobName)
{
- char tmpFileName[L_tmpnam]; /* L_tmpnam defined in stdio.h */
+ char *tmpFileName=strdup("/tmp/neditXXXXXX");
FILE *fp;
int fd;
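Review bot: `strdup()` can return NULL, and the result is passed unchecked to `mkstemp()` in the next hunk, which would then dereference a null pointer. Because the template is a fixed string, a writable stack array removes both the allocation and every `free(tmpFileName)` the later hunks add: `char tmpFileName[] = "/tmp/neditXXXXXX";`. If the heap copy is kept, add `if (tmpFileName == NULL)` with an error dialog and return before `mkstemp()` is called. The body of PrintString continues outside this hunk.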
@@ -1325,14 +1325,10 @@ void PrintString(const char *string, int
1. Create a filename
2. Open the file with the O_CREAT|O_EXCL flags
So all an attacker can do is a DoS on the print function. */
- tmpnam(tmpFileName);
+ fd = mkstemp(tmpFileName);
/* open the temporary file */
-#ifdef VMS
- if ((fp = fopen(tmpFileName, "w", "rfm = stmlf")) == NULL)
-#else
- if ((fd = open(tmpFileName, O_CREAT|O_EXCL|O_WRONLY, S_IRUSR | S_IWUSR)) < 0 || (fp = fdopen(fd, "w")) == NULL)
-#endif /* VMS */
+ if ((fp = fdopen(fd, "w")) == NULL)
{
DialogF(DF_WARN, parent, 1, "Error while Printing",
"Unable to write file for printing:\n%s", "OK",
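Review bot: The descriptor returned by `mkstemp()` goes straight into `fdopen()` without a check, so a failed `mkstemp()` (fd == -1) is caught only indirectly and the dialog would presumably show fdopen's errno rather than the real cause; test `fd < 0` first. When `fdopen()` fails on a valid descriptor, the descriptor and the already-created temp file are left behind. No hunk in this patch adds a `free(tmpFileName)` to this early-return branch, which continues outside the hunk, so the strdup'd name presumably leaks there. The context comment above about creating a filename and then opening it with `O_CREAT|O_EXCL` no longer describes the code and should be reworded for `mkstemp()`.

```c
    fd = mkstemp(tmpFileName);
    /* ... unchanged: "open the temporary file" comment ... */
    if (fd < 0 || (fp = fdopen(fd, "w")) == NULL)
    {
        /* ... unchanged: DialogF warning (reads errno, so keep it before the cleanup) ... */
        if (fd >= 0) {
            close(fd);            /* fdopen failed: the descriptor is still ours */
            remove(tmpFileName);  /* mkstemp already created the file */
        }
        free(tmpFileName);
        /* ... unchanged: rest of the branch, outside the hunk ... */
```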
@@ -1346,7 +1342,7 @@ void PrintString(const char *string, int
/* write to the file */
#ifdef IBM_FWRITE_BUG
- write(fileno(fp), string, length);
+ write(fd, string, length);
#else
fwrite(string, sizeof(char), length, fp);
#endif
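Review bot: The return value of `write(fd, string, length)` is discarded, so a short or failed write under IBM_FWRITE_BUG produces a truncated print file with no error reported. The stream-level check that appears to follow (the "not printed" dialog visible in the next hunk) cannot see a failure on the raw descriptor. Compare the result with `length`, for example `if (write(fd, string, length) != length)`, and take the same cleanup path as the stream error, or loop until all bytes are written. Writing through `fd` while `fp` wraps the same descriptor is safe only because nothing has been buffered on `fp` yet; a one-line comment saying so would help the next reader.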
@@ -1356,6 +1352,7 @@ void PrintString(const char *string, int
"%s not printed:\n%s", "OK", jobName, errorString());
fclose(fp); /* should call close(fd) in turn! */
remove(tmpFileName);
+ free(tmpFileName);
return;
}
@@ -1366,6 +1363,7 @@ void PrintString(const char *string, int
"Error closing temp. print file:\n%s", "OK",
errorString());
remove(tmpFileName);
+ free(tmpFileName);
return;
}
@@ -1377,6 +1375,7 @@ void PrintString(const char *string, int
PrintFile(parent, tmpFileName, jobName);
remove(tmpFileName);
#endif /*VMS*/
+ free(tmpFileName);
return;
}
Index: nedit.spec
===================================================================
RCS file: /cvs/pkgs/rpms/nedit/devel/nedit.spec,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- nedit.spec 25 Feb 2008 06:16:55 -0000 1.18
+++ nedit.spec 26 Sep 2008 07:39:55 -0000 1.19
@@ -1,11 +1,11 @@
Summary: A GUI text editor for systems with X
Name: nedit
Version: 5.5
-Release: 18%{?dist}
+Release: 19%{?dist}
Source: http://nedit.org/ftp/v5_5/nedit-%{version}-src.tar.bz2
Source1: nedit.desktop
Source2: nedit-icon.png
-Patch0: nedit-5.4-security.patch
+Patch0: nedit-5.5-security.patch
Patch1: nedit-5.4-makefiles.patch
Patch2: nedit-5.5-utf8.patch
Patch3: nedit-5.5-motif223.patch
@@ -86,6 +86,9 @@
%{_datadir}/icons/hicolor/
%changelog
+* Fri Sep 26 2008 Jindrich Novy <jnovy at redhat.com> 5.5-19
+- rediff security patch to be applicable with zero fuzz
+
* Mon Feb 25 2008 Jindrich Novy <jnovy at redhat.com> 5.5-18
- manual rebuild because of gcc-4.3 (#434192)
--- nedit-5.4-security.patch DELETED ---