fix unsafe temp file creation (CVE-2007-4460), patch from Debian
bump PKGREVISION
parent
a22621e7ed
commit
1c62ee22ec
3 changed files with 44 additions and 8 deletions
|
@ -1,8 +1,8 @@
|
|||
# $NetBSD: Makefile,v 1.26 2006/09/23 13:26:24 wiz Exp $
|
||||
# $NetBSD: Makefile,v 1.27 2007/09/04 09:58:20 drochner Exp $
|
||||
#
|
||||
|
||||
DISTNAME= id3lib-3.8.3
|
||||
PKGREVISION= 3
|
||||
PKGREVISION= 4
|
||||
CATEGORIES= audio
|
||||
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=id3lib/}
|
||||
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
$NetBSD: distinfo,v 1.14 2007/01/20 01:04:04 rillig Exp $
|
||||
$NetBSD: distinfo,v 1.15 2007/09/04 09:58:20 drochner Exp $
|
||||
|
||||
SHA1 (id3lib-3.8.3.tar.gz) = c92c880da41d1ec0b242745a901702ae87970838
|
||||
RMD160 (id3lib-3.8.3.tar.gz) = bfa2499ec649ed40815ad0a370c78eb1517952c4
|
||||
|
@ -8,4 +8,4 @@ SHA1 (patch-af) = 0266e9220791b7b14a35dc9b7564ab75cbc6562b
|
|||
SHA1 (patch-ag) = a047fe90d83c88e0f6d0a6a0595a440ef49276e3
|
||||
SHA1 (patch-ah) = 42a04014cc839565063daa395884b757214eb911
|
||||
SHA1 (patch-ai) = c0521a6d62d17826c9b1f35f6be51e1b72c48e7c
|
||||
SHA1 (patch-aj) = cbffa394ef07e59e3036788f265b3319bbdf2c39
|
||||
SHA1 (patch-aj) = 626952e7bbddbcf5db66a0509f62d588ccaed17a
|
||||
|
|
|
@ -1,9 +1,36 @@
|
|||
$NetBSD: patch-aj,v 1.3 2007/01/20 01:04:04 rillig Exp $
|
||||
|
||||
char and unsigned char are different data types.
|
||||
$NetBSD: patch-aj,v 1.4 2007/09/04 09:58:20 drochner Exp $
|
||||
|
||||
--- src/tag_file.cpp.orig 2003-03-02 01:23:00.000000000 +0100
|
||||
+++ src/tag_file.cpp 2007-01-10 21:57:03.513247016 +0100
|
||||
+++ src/tag_file.cpp
|
||||
@@ -242,8 +242,8 @@ size_t RenderV2ToFile(const ID3_TagImpl&
|
||||
strcpy(sTempFile, filename.c_str());
|
||||
strcat(sTempFile, sTmpSuffix.c_str());
|
||||
|
||||
-#if ((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
|
||||
- // This section is for Windows folk && gcc 3.x folk
|
||||
+#if !defined(HAVE_MKSTEMP)
|
||||
+ // This section is for Windows folk
|
||||
fstream tmpOut;
|
||||
createFile(sTempFile, tmpOut);
|
||||
|
||||
@@ -257,7 +257,7 @@ size_t RenderV2ToFile(const ID3_TagImpl&
|
||||
tmpOut.write((char *)tmpBuffer, nBytes);
|
||||
}
|
||||
|
||||
-#else //((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
|
||||
+#else //!defined(HAVE_MKSTEMP)
|
||||
|
||||
// else we gotta make a temp file, copy the tag into it, copy the
|
||||
// rest of the old file after the tag, delete the old file, rename
|
||||
@@ -270,7 +270,7 @@ size_t RenderV2ToFile(const ID3_TagImpl&
|
||||
//ID3_THROW_DESC(ID3E_NoFile, "couldn't open temp file");
|
||||
}
|
||||
|
||||
- ofstream tmpOut(fd);
|
||||
+ ofstream tmpOut(sTempFile);
|
||||
if (!tmpOut)
|
||||
{
|
||||
tmpOut.close();
|
||||
@@ -282,7 +282,7 @@ size_t RenderV2ToFile(const ID3_TagImpl&
|
||||
|
||||
tmpOut.write(tagData, tagSize);
|
||||
|
@ -13,3 +40,12 @@ char and unsigned char are different data types.
|
|||
while (file)
|
||||
{
|
||||
file.read(tmpBuffer, BUFSIZ);
|
||||
@@ -292,7 +292,7 @@ size_t RenderV2ToFile(const ID3_TagImpl&
|
||||
|
||||
close(fd); //closes the file
|
||||
|
||||
-#endif ////((defined(__GNUC__) && __GNUC__ >= 3 ) || !defined(HAVE_MKSTEMP))
|
||||
+#endif ////!defined(HAVE_MKSTEMP)
|
||||
|
||||
tmpOut.close();
|
||||
file.close();
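Review bot: The new `ofstream tmpOut(sTempFile);` in the `#else //!defined(HAVE_MKSTEMP)` branch reopens the temporary file by name instead of writing through the descriptor that `close(fd)` later releases, so the stream is not tied to the file that was actually created. If the directory holding the audio file is writable by another user, the path could be replaced between creation and this second open; writing through `fd` (for example a `FILE *` obtained with `fdopen(fd, "wb")`) would keep the guarantee. The failure branch just above shows only a commented-out `ID3_THROW_DESC(ID3E_NoFile, ...)` before its closing brace, so if nothing else in it returns, a failed temp-file creation now falls through to opening the unrandomised template name, which the old `ofstream tmpOut(fd)` would not have done; a `return 0;` or a restored throw there would close that path. RenderV2ToFile starts and ends outside these hunks, so both points should be checked against the full function.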
|
||||
|
|