Apply the vendor patch for the recent security exploit.
See http://online.securityfocus.com/bid/5602/info/ for more details.
This commit is contained in:
Joe Marcus Clarke
parent
5b4499e138
commit
c3c758e01d
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=67700
2 changed files with 140 additions and 1 deletions
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
PORTNAME= scrollkeeper
|
||||
PORTVERSION= 0.3.11
|
||||
PORTREVISION= 2
|
||||
PORTREVISION= 3
|
||||
PORTEPOCH= 1
|
||||
CATEGORIES= textproc gnome
|
||||
MASTER_SITES= ${MASTER_SITE_GNOME}
|
||||
|
|
|
|||
139
textproc/scrollkeeper/files/patch-security
Normal file
139
textproc/scrollkeeper/files/patch-security
Normal file
|
|
@ -0,0 +1,139 @@
|
|||
This patch fixes a security issue in scrollkeeper. It will be integrated
|
||||
into the next release.
|
||||
|
||||
--- cl/src/get-cl.c 2002/02/25 08:23:14 1.18
|
||||
+++ cl/src/get-cl.c 2002/09/22 07:13:59 1.19
|
||||
@@ -27,6 +27,7 @@
|
||||
#include <unistd.h>
|
||||
#include <sys/stat.h>
|
||||
#include <locale.h>
|
||||
+#include <fcntl.h>
|
||||
|
||||
/* cycles through five temporary filenames of the form /tmp/scrollkeeper-templfile.x,
|
||||
where x is number from 0 to 4 and returns the first one that does not exist or the
|
||||
@@ -35,7 +36,7 @@
|
||||
static char *get_next_free_temp_file_path(char outputprefs)
|
||||
{
|
||||
char path[PATHLEN], *filename;
|
||||
- int i, num;
|
||||
+ int i, num, fd;
|
||||
struct stat buf;
|
||||
time_t prev;
|
||||
|
||||
@@ -82,6 +83,17 @@
|
||||
check_ptr(filename, "scrollkeeper-get-cl");
|
||||
snprintf(filename, PATHLEN, "/tmp/scrollkeeper-tempfile.%d", num);
|
||||
|
||||
+ unlink(filename);
|
||||
+
|
||||
+ fd = open(filename, O_RDWR | O_CREAT | O_EXCL | O_TRUNC | O_NONBLOCK,
|
||||
+ S_IRWXU | S_IRGRP | S_IROTH);
|
||||
+
|
||||
+ if (fd < 0) {
|
||||
+ fprintf (stderr, _("scrollkeeper-get-cl: Cannot open temp file: %s\n"), filename);
|
||||
+ exit (EXIT_FAILURE);
|
||||
+ }
|
||||
+ close(fd);
|
||||
+
|
||||
return filename;
|
||||
}
|
||||
|
||||
--- libs/extract.c 2002/03/16 19:08:48 1.12
|
||||
+++ libs/extract.c 2002/09/22 07:14:01 1.14
|
||||
@@ -43,16 +43,16 @@
|
||||
int i;
|
||||
int returnval = 1;
|
||||
FILE *fid;
|
||||
+ struct stat buf;
|
||||
#ifndef SOLARIS
|
||||
char line[1024], *start, *end;
|
||||
int num;
|
||||
FILE *res_fid;
|
||||
char *doctype;
|
||||
char command[1024];
|
||||
- pid_t pid;
|
||||
char temp1[PATHLEN], temp2[PATHLEN], errors[PATHLEN];
|
||||
+ int temp1_fd, temp2_fd, errors_fd;
|
||||
#endif
|
||||
- struct stat buf;
|
||||
|
||||
if (input_file == NULL ||
|
||||
stylesheets == NULL ||
|
||||
@@ -69,11 +69,23 @@
|
||||
#ifdef SOLARIS
|
||||
doc = docbParseFile(input_file, NULL);
|
||||
#else
|
||||
- pid = getpid();
|
||||
-
|
||||
- snprintf(temp1, PATHLEN, "/var/tmp/scrollkeeper-extract-1-%ld.xml", (long)pid);
|
||||
- snprintf(temp2, PATHLEN, "/var/tmp/scrollkeeper-extract-2-%ld.xml", (long)pid);
|
||||
- snprintf(errors, PATHLEN, "/var/tmp/scrollkeeper-extract-errors-%ld", (long)pid);
|
||||
+ snprintf(temp1, PATHLEN, SCROLLKEEPER_STATEDIR "/tmp/scrollkeeper-extract-1.xml.XXXXXX");
|
||||
+ snprintf(temp2, PATHLEN, SCROLLKEEPER_STATEDIR "/tmp/scrollkeeper-extract-2.xml.XXXXXX");
|
||||
+ snprintf(errors, PATHLEN, SCROLLKEEPER_STATEDIR "/tmp/scrollkeeper-extract-errors.XXXXXX");
|
||||
+
|
||||
+ temp1_fd = mkstemp(temp1);
|
||||
+ printf ("%s\n", temp1);
|
||||
+ if (temp1_fd == -1) {
|
||||
+ sk_message(outputprefs, SKOUT_DEFAULT, SKOUT_QUIET, "(apply_stylesheets)", _("Cannot create temporary file: %s : %s\n"),temp1, strerror(errno));
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ errors_fd = mkstemp(errors);
|
||||
+ if (errors_fd == -1) {
|
||||
+ sk_message(outputprefs, SKOUT_DEFAULT, SKOUT_QUIET, "(apply_stylesheets)", _("Cannot create temporary file: %s : %s\n"),errors, strerror(errno));
|
||||
+ return 0;
|
||||
+ }
|
||||
+ close(errors_fd);
|
||||
|
||||
snprintf(command, 1024, "sgml2xml -xlower -f%s %s > %s", errors, input_file, temp1);
|
||||
system(command);
|
||||
@@ -83,6 +95,7 @@
|
||||
fid = fopen(input_file, "r");
|
||||
if (fid == NULL) {
|
||||
sk_message(outputprefs, SKOUT_DEFAULT, SKOUT_QUIET, "(apply_stylesheets)", _("Cannot read file: %s : %s\n"),input_file, strerror(errno));
|
||||
+ close(temp1_fd);
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -106,14 +119,25 @@
|
||||
}
|
||||
|
||||
if (doctype == NULL) {
|
||||
+ close(temp1_fd);
|
||||
unlink(temp1);
|
||||
return 0;
|
||||
}
|
||||
-
|
||||
- fid = fopen(temp1, "r");
|
||||
- res_fid = fopen(temp2, "w");
|
||||
+
|
||||
+ temp2_fd = mkstemp(temp2);
|
||||
+ if (temp2_fd == -1) {
|
||||
+ close(temp1_fd);
|
||||
+ unlink(temp1);
|
||||
+ sk_message(outputprefs, SKOUT_DEFAULT, SKOUT_QUIET, "(apply_stylesheets)", _("Cannot create temporary file: %s : %s\n"),temp2, strerror(errno));
|
||||
+ return 0;
|
||||
+ }
|
||||
+
|
||||
+ fid = fdopen(temp1_fd, "r");
|
||||
+ res_fid = fdopen(temp2_fd, "w");
|
||||
if (fid == NULL || res_fid == NULL) {
|
||||
+ close(temp1_fd);
|
||||
unlink(temp1);
|
||||
+ close(temp2_fd);
|
||||
unlink(temp2);
|
||||
return 0;
|
||||
}
|
||||
--- libs/Makefile.in.orig Wed Oct 9 12:36:43 2002
|
||||
+++ libs/Makefile.in Wed Oct 9 12:37:05 2002
|
||||
@@ -130,7 +130,8 @@
|
||||
INCLUDES = \
|
||||
$(XML_CFLAGS) \
|
||||
$(XSLT_CFLAGS) \
|
||||
- $(HOST_TYPE)
|
||||
+ $(HOST_TYPE) \
|
||||
+ -DSCROLLKEEPER_STATEDIR=\""$(localstatedir)"\"
|
||||
|
||||
|
||||
libscrollkeeper_la_SOURCES = \
|
||||
Loading…
Reference in a new issue