kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- Apply security-patch from

Browse source 
http://www.securityfocus.com/archive/1/358626/2004-05-13/2004-05-19/2
- Remove FORBIDDDEN, bump PORTREVISION
- Force use of byacc since the preferred bison (if installed) would need
    additional tweaking

PR:		ports/65784
Submitted by:	Johan van Selst
This commit is contained in:
Volker Stolz 2004-05-16 20:10:17 +00:00
parent c2a52c917a
commit 3cdd75e635
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=109282
2 changed files with 106 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
mail/emil/Makefile
View file

@ -7,6 +7,7 @@
PORTNAME= emil
PORTVERSION= 2.1b9
PORTREVISION= 1
CATEGORIES= mail
MASTER_SITES= ftp://ftp.uu.se/pub/unix/networking/mail/emil/ \
ftp://ftp.gwdg.de/pub/misc/emil/ \
@ -15,12 +16,11 @@ MASTER_SITES= ftp://ftp.uu.se/pub/unix/networking/mail/emil/ \
ftp://sunsite.doc.ic.ac.uk/Mirrors/ftp.uu.se/pub/unix/networking/mail/emil/
DISTNAME= ${PORTNAME}-2.1.0-beta9
FORBIDDEN= http://vuxml.freebsd.org/ce46b93a-80f2-11d8-9645-0020ed76ef5a.html
MAINTAINER= ports@FreeBSD.org
COMMENT= Mail format/encoding converter
GNU_CONFIGURE= yes
CONFIGURE_ENV= YACC=byacc
MAN1= emil.1 emil.cf.1
.if defined(NOPORTDOCS)

104
mail/emil/files/patch-security-advisory Normal file
View file

@ -0,0 +1,104 @@
--- mime.c.old 1996-06-04 15:36:59.000000000 +0200
+++ mime.c 2004-02-26 16:57:42.000000000 +0100
@@ -56,18 +56,18 @@
if (match(m->sd->type, "TEXT"))
{
if (m->td->charset != NULL)
- sprintf(buf, "%s; charset=\"%s\"", ct, m->td->charset);
+ snprintf(buf, sizeof(buf), "%s; charset=\"%s\"", ct, m->td->charset);
else
- sprintf(buf, "%s", ct);
+ snprintf(buf, sizeof(buf), "%s", ct);
}
else
if (match(m->sd->type, "MULTIPART"))
{
bb = (char *)getmimebound();
if (m->sd->applefile == AMDOUBLE)
- sprintf(buf, "Multipart/AppleDouble; boundary=\"%s\"", bb);
+ snprintf(buf, sizeof(buf), "Multipart/AppleDouble; boundary=\"%s\"", bb);
else
- sprintf(buf,"%s; boundary=\"%s\"", ct, bb);
+ snprintf(buf, sizeof(buf), "%s; boundary=\"%s\"", ct, bb);
m->td->startbound = (char *)Yalloc(MIMEBOUNDLEN + 5);
m->td->endbound = (char *)Yalloc(MIMEBOUNDLEN + 7);
sprintf(m->td->startbound, "--%s", bb);
@@ -75,7 +75,7 @@
}
else
{
- sprintf(buf, "%s", ct);
+ snprintf(buf, sizeof(buf), "%s", ct);
}
}
else
@@ -87,7 +87,10 @@
if (m->sd->name != NULL)
{
- sprintf(buf, "%s; name=\"%s\"", buf, m->sd->name);
+ char *buf2;
+ buf2 = strdup(buf);
+ snprintf(buf, sizeof(buf), "%s; name=\"%s\"", buf2, m->sd->name);
+ free(buf2);
}
add_header(m, "Content-Type", buf, MIME);
if (bb != NULL)
--- uuencode.c.old 1996-06-04 15:37:02.000000000 +0200
+++ uuencode.c 2004-02-26 17:01:09.000000000 +0100
@@ -116,7 +116,7 @@
/* Start with uuencode preamble */
fix_filename(m);
- sprintf(outb,"begin 644 %s\n", m->sd->name);
+ snprintf(outb, sizeof(outb), "begin 644 %s\n", m->sd->name);
append_data(outbuf, outb, strlen(outb), pz);
outbuf->lineend += 1;
i = 0;
@@ -242,7 +242,7 @@
inb++;
inbuf->offset += 1;
}
- if ((i = sscanf(inb, "begin%*1[ ]%*3[0-7]%*1[ ]%s", filename)) != 1)
+ if ((i = sscanf(inb, "begin%*1[ ]%*3[0-7]%*1[ ]%511s", filename)) != 1)
{
#ifdef DEBUG
if (edebug)
--- main.c.old 1996-06-04 15:36:58.000000000 +0200
+++ main.c 2004-02-26 17:02:18.000000000 +0100
@@ -177,7 +177,7 @@
sprintf(ebuf,"Invalid parameter to -f: %s",optarg);
#ifdef DEBUG
if (edebug)
- fprintf(stderr, ebuf);
+ fprintf(stderr, "%s", ebuf);
#endif
logger(LOG_WARNING,ebuf);
}
@@ -303,7 +303,7 @@
sprintf(ebuf,"Invalid flag: -%c",c);
#ifdef DEBUG
if (edebug)
- fprintf(stderr, ebuf);
+ fprintf(stderr, "%s", ebuf);
#endif
logger(LOG_WARNING,ebuf);
}
@@ -359,7 +359,7 @@
sprintf(ebuf, "Invalid mailer specification %s", optarg);
#ifdef DEBUG
if (edebug)
- fprintf(stderr, ebuf);
+ fprintf(stderr, "%s", ebuf);
#endif
logger(LOG_ERR, ebuf);
fprintf(stderr, "Emil: %s\n", ebuf);
@@ -448,7 +448,7 @@
);
#ifdef DEBUG
if (edebug)
- fprintf(stderr, ebuf);
+ fprintf(stderr, "%s", ebuf);
#endif
logger(LOG_DEBUG,ebuf);
if (source == NULL)