kpriv/freebsd-ports
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

- Use revised patch for CVE-2008-2711

Browse source 
- Bump port revision

Security:	http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt
Security:	http://www.vuxml.org/freebsd/1e8e63c0-478a-11dd-a88d-000ea69a5213.html
This commit is contained in:
Simon Barner 2008-07-01 16:35:50 +00:00
parent 781cb19f44
commit a227f4d511
Notes: svn2git 2021-03-31 03:12:20 +00:00 
svn path=/head/; revision=216094
2 changed files with 32 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
mail/fetchmail/Makefile
View file

@ -11,7 +11,7 @@
PORTNAME= fetchmail PORTNAME= fetchmail
PORTVERSION= 6.3.8 PORTVERSION= 6.3.8
PORTREVISION= 6 PORTREVISION= 7
CATEGORIES= mail ipv6 CATEGORIES= mail ipv6
MASTER_SITES= ${MASTER_SITE_BERLIOS} \ MASTER_SITES= ${MASTER_SITE_BERLIOS} \
${MASTER_SITE_SUNSITE:S/$/:sunsite/}\ ${MASTER_SITE_SUNSITE:S/$/:sunsite/}\

41
mail/fetchmail/files/patch-CVE-2008-2711
View file

@ -1,27 +1,48 @@
diff --git a/report.c b/report.c --- report.c.orig 2008-07-01 18:15:58.000000000 +0200
index 31d4e48..2a731ac 100644 +++ report.c 2008-07-01 18:18:53.000000000 +0200
--- ./report.c~ @@ -238,11 +238,17 @@
+++ ./report.c
@@ -238,11 +238,17 @@ report_build (FILE *errfp, message, va_alist)
rep_ensuresize(); rep_ensuresize();
#if defined(VA_START) #if defined(VA_START)
- VA_START (args, message); - VA_START (args, message);
for ( ; ; ) for ( ; ; )
{ {
+ /* + /*
+ * args has to be initialized before every call of vsnprintf(), + * args has to be initialized before every call of vsnprintf(),
+ * because vsnprintf() invokes va_arg macro and thus args is + * because vsnprintf() invokes va_arg macro and thus args is
+ * undefined after the call. + * undefined after the call.
+ */ + */
+ VA_START(args, message); + VA_START(args, message);
n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used, n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used,
message, args); message, args);
+ va_end (args); + va_end (args);
if (n >= 0 if (n >= 0
&& (unsigned)n < partial_message_size - partial_message_size_used) && (unsigned)n < partial_message_size - partial_message_size_used)
@@ -254,7 +260,6 @@ report_build (FILE *errfp, message, va_alist) @@ -254,7 +260,6 @@
partial_message_size += 2048;
partial_message = REALLOC (partial_message, partial_message_size);
}
- va_end (args);
#else
for ( ; ; )
{
@@ -304,12 +309,13 @@
rep_ensuresize();
#if defined(VA_START)
- VA_START (args, message);
for ( ; ; )
{
+ VA_START(args, message);
n = vsnprintf (partial_message + partial_message_size_used,
partial_message_size - partial_message_size_used,
message, args);
+ va_end(args);
/* old glibc versions return -1 for truncation */
if (n >= 0
@@ -322,7 +328,6 @@
partial_message_size += 2048; partial_message_size += 2048;
partial_message = REALLOC (partial_message, partial_message_size); partial_message = REALLOC (partial_message, partial_message_size);
} }