summaryrefslogtreecommitdiff
path: root/graphics
diff options
context:
space:
mode:
authorKris Kennaway <kris@FreeBSD.org>2001-02-07 20:33:48 +0000
committerKris Kennaway <kris@FreeBSD.org>2001-02-07 20:33:48 +0000
commitd8f67662daab00ff6f32f356ba7330836d1f8261 (patch)
tree0cb4f4147cbec768c0e14dffee3d89b472e5810b /graphics
parentFix a core dump when doing 'tosha -i'. (Maintainer timeout after about two (diff)
Fix overflows and bump PORTREVISION.
Reviewed by: jedgar
Diffstat (limited to 'graphics')
-rw-r--r--graphics/dc20ctrl/Makefile2
-rw-r--r--graphics/dc20ctrl/files/patch-ac11
-rw-r--r--graphics/dc20ctrl/files/patch-ad43
-rw-r--r--graphics/dc20ctrl/files/patch-ae23
-rw-r--r--graphics/dc20ctrl/files/patch-af14
-rw-r--r--graphics/dc20ctrl/files/patch-ag13
-rw-r--r--graphics/dc20ctrl/files/patch-ah84
7 files changed, 189 insertions, 1 deletions
diff --git a/graphics/dc20ctrl/Makefile b/graphics/dc20ctrl/Makefile
index 768730e986b6..c9a7c3a2b938 100644
--- a/graphics/dc20ctrl/Makefile
+++ b/graphics/dc20ctrl/Makefile
@@ -7,11 +7,11 @@
PORTNAME= dc20ctrl
PORTVERSION= 0.4
+PORTREVISION= 1
CATEGORIES= graphics
MASTER_SITES= http://www.paternostro.org/~ugo/binaries/
MAINTAINER= ports@FreeBSD.org
-FORBIDDEN= "Mark FORBIDDEN; exploitable buffer overflows yielding gid dialer"
LIB_DEPENDS= jpeg.9:${PORTSDIR}/graphics/jpeg \
tiff.4:${PORTSDIR}/graphics/tiff \
diff --git a/graphics/dc20ctrl/files/patch-ac b/graphics/dc20ctrl/files/patch-ac
new file mode 100644
index 000000000000..d35e49f9e6d1
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-ac
@@ -0,0 +1,11 @@
+diff -ru work/dc20ctrl-0.4/main.h dc20ctrl-0.4/main.h
+--- work/dc20ctrl-0.4/main.h Tue Feb 17 09:19:46 1998
++++ main.h Mon Feb 5 18:56:48 2001
+@@ -49,6 +49,6 @@
+ tiff_predictor;
+ #endif /* USE_TIFF */
+
+-void main(int, char **);
++int main(int, char **);
+
+ #endif /* _MAIN_H_ */
diff --git a/graphics/dc20ctrl/files/patch-ad b/graphics/dc20ctrl/files/patch-ad
new file mode 100644
index 000000000000..982285d0386a
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-ad
@@ -0,0 +1,43 @@
+diff -ru work/dc20ctrl-0.4/pixmaps.c dc20ctrl-0.4/pixmaps.c
+--- work/dc20ctrl-0.4/pixmaps.c Tue Feb 17 09:19:47 1998
++++ pixmaps.c Mon Feb 5 18:42:18 2001
+@@ -504,26 +504,32 @@
+ * Build the image name
+ */
+
+- strcpy(fname, name);
+- strcat(fname, ".");
++ if (strlcpy(fname, name, sizeof(fname)) >= sizeof(fname))
++ return -1;
++ if (strlcat(fname, ".", sizeof(fname)) >= sizeof(fname))
++ return -1;
+ switch (format & SAVE_FORMATS) {
+ #ifdef USE_JPEG
+ case SAVE_JPEG:
+- strcat(fname, JPEG_EXT);
++ if (strlcat(fname, JPEG_EXT, sizeof(fname)) >= sizeof(fname))
++ return -1;
+ break;
+ #endif /* USE_JPEG */
+ #ifdef USE_TIFF
+ case SAVE_TIFF:
+- strcat(fname, TIFF_EXT);
++ if (strlcat(fname, TIFF_EXT, sizeof(fname)) >= sizeof(fname))
++ return -1;
+ break;
+ #endif /* USE_TIFF */
+ #ifdef USE_PNG
+ case SAVE_PNG:
+- strcat(fname, PNG_EXT);
++ if (strlcat(fname, PNG_EXT, sizeof(fname)) >= sizeof(fname))
++ return -1;
+ break;
+ #endif /* USE_PNG */
+ default:
+- strcat(fname, (to_be_saved->components == 3) ? PPM_EXT : PGM_EXT );
++ if (strlcat(fname, (to_be_saved->components == 3) ? PPM_EXT : PGM_EXT, sizeof(fname)) >= sizeof(fname))
++ return -1;
+ break;
+ }
+
+Only in dc20ctrl-0.4/: rep
diff --git a/graphics/dc20ctrl/files/patch-ae b/graphics/dc20ctrl/files/patch-ae
new file mode 100644
index 000000000000..476e9d7510b5
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-ae
@@ -0,0 +1,23 @@
+diff -ru work/dc20ctrl-0.4/session.c dc20ctrl-0.4/session.c
+--- work/dc20ctrl-0.4/session.c Tue Feb 17 09:19:47 1998
++++ session.c Mon Feb 5 18:53:30 2001
+@@ -58,7 +58,8 @@
+ if (!quiet) fprintf(stderr, "%s: get_session: error: cannot get home directory\n", __progname);
+ return -1;
+ }
+- sprintf(rc_name, "%s/" RC_NAME, home_dir);
++ if (snprintf(rc_name, sizeof(rc_name), "%s/" RC_NAME, home_dir) >= sizeof(rc_name))
++ return -1;
+ if ((rcd = open(rc_name, O_RDWR | O_CREAT, 0644)) < 0) {
+ if (!quiet) fprintf(stderr, "%s: get_session: warning: cannot open rc file\n", __progname);
+ }
+@@ -84,7 +85,8 @@
+ if (!quiet) fprintf(stderr, "%s: put_session: error: cannot get home directory\n", __progname);
+ return -1;
+ }
+- sprintf(rc_name, "%s/" RC_NAME, home_dir);
++ if (snprintf(rc_name, sizeof(rc_name), "%s/" RC_NAME, home_dir) >= sizeof(rc_name))
++ return -1;
+ if ((rcd = open(rc_name, O_RDWR | O_CREAT, 0644)) < 0) {
+ if (!quiet) fprintf(stderr, "%s: put_session: warning: cannot open rc file\n", __progname);
+ }
diff --git a/graphics/dc20ctrl/files/patch-af b/graphics/dc20ctrl/files/patch-af
new file mode 100644
index 000000000000..e4f2ff760651
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-af
@@ -0,0 +1,14 @@
+diff -ru work/dc20ctrl-0.4/thumbs_to_file.c dc20ctrl-0.4/thumbs_to_file.c
+--- work/dc20ctrl-0.4/thumbs_to_file.c Tue Feb 17 09:19:47 1998
++++ thumbs_to_file.c Mon Feb 5 18:51:27 2001
+@@ -67,8 +67,8 @@
+ }
+ }
+
+- sprintf(file, base_name, i+1);
+-
++ if (snprintf(file, sizeof(file), base_name, i+1) >= sizeof(file))
++ return -1;
+ save_pixmap(pp, file, (orientation_mask >> (i*2)) & ROT_MASK, format);
+ }
+ }
diff --git a/graphics/dc20ctrl/files/patch-ag b/graphics/dc20ctrl/files/patch-ag
new file mode 100644
index 000000000000..afa1b69661ec
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-ag
@@ -0,0 +1,13 @@
+diff -ru work/dc20ctrl-0.4/convert_pic.c dc20ctrl-0.4/convert_pic.c
+--- work/dc20ctrl-0.4/convert_pic.c Tue Feb 17 09:19:46 1998
++++ convert_pic.c Mon Feb 5 18:43:44 2001
+@@ -166,7 +166,8 @@
+ * Remove the extension (.cmt) from the file name
+ */
+
+- strcpy(file, base_name);
++ if (strlcpy(file, base_name, sizeof(file)) >= sizeof(file))
++ return -1;
+ if ((extp = strrchr(file, '.')) != NULL)
+ *extp = '\0';
+
diff --git a/graphics/dc20ctrl/files/patch-ah b/graphics/dc20ctrl/files/patch-ah
new file mode 100644
index 000000000000..adf382e60a13
--- /dev/null
+++ b/graphics/dc20ctrl/files/patch-ah
@@ -0,0 +1,84 @@
+--- main.c.orig Wed Feb 18 02:34:18 1998
++++ main.c Mon Feb 5 19:32:38 2001
+@@ -169,7 +169,7 @@
+ *pivot3;
+ int result = 0,
+ i,
+- first,
++ first = 0,
+ last,
+ orientation = ROT_STRAIGHT,
+ this_orientation;
+@@ -195,11 +195,14 @@
+ }
+ this_orientation = orientation; /* sets default orientation */
+ strsep(&pivot2, "-");
+- first = strtol(string, &pivot3, 10);
+- if (first < 1 || first > 16) {
+- if (!quiet) fprintf(stderr, "%s: parse_pics: error: out of range %d\n", __progname, first);
+- return -1;
++ if (string != NULL) {
++ first = strtol(string, &pivot3, 10);
++ if (first < 1 || first > 16) {
++ if (!quiet) fprintf(stderr, "%s: parse_pics: error: out of range %d\n", __progname, first);
++ return -1;
++ }
+ }
++
+ if (pivot2) {
+ if (*pivot3) {
+ if (!quiet) fprintf(stderr, "%s: parse_pics: error: extraneous characters '%s' in %d%s-%s\n", __progname, pivot3, first, pivot3, pivot2);
+@@ -216,8 +219,8 @@
+ } else {
+ last = first;
+ }
+-
+- if (*pivot3) {
++
++ if (pivot3 && *pivot3) {
+ /*
+ * "numberorientation"
+ */
+@@ -245,7 +248,7 @@
+ * Main program: parse switches and take actions
+ */
+
+-void main(int argc, char *argv[])
++int main(int argc, char *argv[])
+ {
+ int curopt,
+ actions = 0,
+@@ -503,17 +506,29 @@
+ clock = time(NULL);
+
+ if (pics_pre) {
+- sprintf(pics_name, "%s_%%d.%%s", pics_pre);
++ if (snprintf(pics_name, sizeof(pics_name), "%s_%%d.%%s", pics_pre) >= sizeof(pics_name)) {
++ fprintf(stderr, "%s: error: filename too long\n", __progname);
++ exit(1);
++ }
+ } else {
+ strftime(name_template, NAME_LEN, "%%s_%Y_%m_%d_%%d_%%%%d.%%%%s", localtime(&clock));
+- sprintf(pics_name, name_template, "pic", session);
++ if (snprintf(pics_name, sizeof(pics_name), name_template, "pic", session) >= sizeof(pics_name)) {
++ fprintf(stderr, "%s: error: filename too long\n", __progname);
++ exit(1);
++ }
+ }
+
+ if (thumbs_pre) {
+- sprintf(thumbs_name, "%s_%%d", thumbs_pre);
++ if (snprintf(thumbs_name, sizeof(thumbs_name), "%s_%%d", thumbs_pre) >= sizeof(thumbs_name)) {
++ fprintf(stderr, "%s: error: filename too long\n", __progname);
++ exit(1);
++ }
+ } else {
+ strftime(name_template, NAME_LEN, "%%s_%Y_%m_%d_%%d_%%%%d", localtime(&clock));
+- sprintf(thumbs_name, name_template, "thumb", session);
++ if (snprintf(thumbs_name, sizeof(thumbs_name), name_template, "thumb", session) >= sizeof(thumbs_name)) {
++ fprintf(stderr, "%s: error: filename too long\n", __progname);
++ exit(1);
++ }
+ }
+
+ if (actions == 0) {