Add fix from the "mutt" CVS repository for a buffer overflow in the

IMAP code which could be exploited by a malicious IMAP server. Bump package revision.
2006-06-20 09:14:46 +00:00 · 2006-06-20 09:14:46 +00:00 · 5fd8500864
commit 5fd8500864
parent c80e0f86d9
4 changed files with 42 additions and 8 deletions
--- a/mail/mutt/Makefile
+++ b/mail/mutt/Makefile
@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.142 2006/06/18 00:23:59 rillig Exp $
+# $NetBSD: Makefile,v 1.143 2006/06/20 09:14:46 tron Exp $

 DISTNAME=		mutt-1.4.2.1i
 PKGNAME=		${DISTNAME:C/i$//}
-PKGREVISION=		6
+PKGREVISION=		7
 CATEGORIES=		mail
 MASTER_SITES=		ftp://ftp.mutt.org/mutt/ \
 			ftp://ftp.stealth.net/pub/mirrors/ftp.mutt.org/pub/mutt/ \
@ -79,7 +79,13 @@ CONF_FILES+=		${EGDIR}/mime.types ${PKG_SYSCONFDIR}/mime.types
 FILES_SUBST+=		DOCDIR=${DOCDIR:Q}

 INSTALL_MAKE_FLAGS+=	${MAKE_FLAGS} sysconfdir=${EGDIR:Q}
-PLIST_SRC=		${WRKDIR}/PLIST
+
+.if exists(${WRKSRC}/mutt_dotlock)
+PLIST_SUBST+=		MUTT_DOTLOCK=
+.else
+PLIST_SUBST+=		MUTT_DOTLOCK="@comment "
+.endif
+INSTALL_MAKE_FLAGS=	${MAKE_FLAGS} sysconfdir=${EGDIR}

 .include "../../converters/libiconv/buildlink3.mk"
 .include "../../devel/gettext-lib/buildlink3.mk"
@ -97,8 +103,5 @@ post-install:
 .if (${PKG_INSTALLATION_TYPE} == "pkgviews")
 	${MV} ${PREFIX}/man/man5/mutt-mbox.5 ${PREFIX}/man/man5/mbox.5
 .endif
-	${CP} ${PKGDIR}/PLIST ${PLIST_SRC}
-	${TEST} ! -f ${PREFIX}/bin/mutt_dotlock				\
-	|| ${ECHO} "bin/mutt_dotlock" >> ${PLIST_SRC}

 .include "../../mk/bsd.pkg.mk"
--- a/mail/mutt/PLIST
+++ b/mail/mutt/PLIST
@ -1,7 +1,8 @@
-@comment $NetBSD: PLIST,v 1.11 2006/04/30 20:07:55 joerg Exp $
+@comment $NetBSD: PLIST,v 1.12 2006/06/20 09:14:46 tron Exp $
 bin/flea
 bin/mutt
 bin/muttbug
+${MUTT_DOTLOCK}bin/mutt_dotlock
 bin/pgpewrap
 bin/pgpring
 man/man1/flea.1
--- a/mail/mutt/distinfo
+++ b/mail/mutt/distinfo
@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.29 2006/04/11 13:26:01 tron Exp $
+$NetBSD: distinfo,v 1.30 2006/06/20 09:14:46 tron Exp $

 SHA1 (mutt-1.4.2.1i.tar.gz) = 10fae2eef5a671d1ea6e17acd6e64cd1f37c3961
 RMD160 (mutt-1.4.2.1i.tar.gz) = 314536f77e0494dc6e4a5d57c681de791c8ce0fc
@ -7,6 +7,7 @@ SHA1 (patch-aa) = 057c11486bb855e321853a106992c8792b75b812
 SHA1 (patch-ab) = 9eb4d0d861fff0a6a387d035293e28c6dd17a06c
 SHA1 (patch-ac) = acfece3438c1cadc43247c590045699be7212ede
 SHA1 (patch-ad) = 6d7647913a0442ce474d02129d9bec0dbbd3df52
+SHA1 (patch-ae) = 442e3be4d0a5483e55f8e218cfbfc026e28235f5
 SHA1 (patch-ag) = c369b0b5d4855e50a016530f81190b2cbd47cef1
 SHA1 (patch-ah) = 04549728683b4250a26f6d6c7a212b8d505014d2
 SHA1 (patch-ai) = 317b736d6b9a896e1ee185cce37a1c2184c02cde
--- a/mail/mutt/patches/patch-ae
+++ b/mail/mutt/patches/patch-ae
@ -0,0 +1,29 @@
+$NetBSD: patch-ae,v 1.4 2006/06/20 09:14:46 tron Exp $
+
+--- imap/browse.c.orig	2002-02-26 10:38:56.000000000 +0000
+++ imap/browse.c	2006-06-20 10:05:32.000000000 +0100
+@@ -452,7 +452,7 @@
+ 	    if (*s == '\"')
+ 	    {
+ 	      s++;
+-	      while (*s && *s != '\"') 
+	      while (*s && *s != '\"' && n < sizeof (ns) - 1) 
+ 	      {
+ 		if (*s == '\\')
+ 		  s++;
+@@ -463,12 +463,14 @@
+ 		s++;
+ 	    }
+ 	    else
+-	      while (*s && !ISSPACE (*s)) 
+	      while (*s && !ISSPACE (*s) && n < sizeof (ns) - 1)
+ 	      {
+ 		ns[n++] = *s;
+ 		s++;
+ 	      }
+ 	    ns[n] = '\0';
+	    if (n == sizeof (ns) - 1)
+	      dprint (1, (debugfile, "browse_get_namespace: too long: [%s]\n", ns));
+ 	    /* delim? */
+ 	    s = imap_next_word (s);
+ 	    /* delimiter is meaningless if namespace is "". Why does