diff options
author | Kris Kennaway <kris@FreeBSD.org> | 2001-02-07 20:33:48 +0000 |
---|---|---|
committer | Kris Kennaway <kris@FreeBSD.org> | 2001-02-07 20:33:48 +0000 |
commit | d8f67662daab00ff6f32f356ba7330836d1f8261 (patch) | |
tree | 0cb4f4147cbec768c0e14dffee3d89b472e5810b /graphics | |
parent | Fix a core dump when doing 'tosha -i'. (Maintainer timeout after about two (diff) |
Fix overflows and bump PORTREVISION.
Reviewed by: jedgar
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/dc20ctrl/Makefile | 2 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-ac | 11 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-ad | 43 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-ae | 23 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-af | 14 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-ag | 13 | ||||
-rw-r--r-- | graphics/dc20ctrl/files/patch-ah | 84 |
7 files changed, 189 insertions, 1 deletions
diff --git a/graphics/dc20ctrl/Makefile b/graphics/dc20ctrl/Makefile index 768730e986b6..c9a7c3a2b938 100644 --- a/graphics/dc20ctrl/Makefile +++ b/graphics/dc20ctrl/Makefile @@ -7,11 +7,11 @@ PORTNAME= dc20ctrl PORTVERSION= 0.4 +PORTREVISION= 1 CATEGORIES= graphics MASTER_SITES= http://www.paternostro.org/~ugo/binaries/ MAINTAINER= ports@FreeBSD.org -FORBIDDEN= "Mark FORBIDDEN; exploitable buffer overflows yielding gid dialer" LIB_DEPENDS= jpeg.9:${PORTSDIR}/graphics/jpeg \ tiff.4:${PORTSDIR}/graphics/tiff \ diff --git a/graphics/dc20ctrl/files/patch-ac b/graphics/dc20ctrl/files/patch-ac new file mode 100644 index 000000000000..d35e49f9e6d1 --- /dev/null +++ b/graphics/dc20ctrl/files/patch-ac @@ -0,0 +1,11 @@ +diff -ru work/dc20ctrl-0.4/main.h dc20ctrl-0.4/main.h +--- work/dc20ctrl-0.4/main.h Tue Feb 17 09:19:46 1998 ++++ main.h Mon Feb 5 18:56:48 2001 +@@ -49,6 +49,6 @@ + tiff_predictor; + #endif /* USE_TIFF */ + +-void main(int, char **); ++int main(int, char **); + + #endif /* _MAIN_H_ */ diff --git a/graphics/dc20ctrl/files/patch-ad b/graphics/dc20ctrl/files/patch-ad new file mode 100644 index 000000000000..982285d0386a --- /dev/null +++ b/graphics/dc20ctrl/files/patch-ad @@ -0,0 +1,43 @@ +diff -ru work/dc20ctrl-0.4/pixmaps.c dc20ctrl-0.4/pixmaps.c +--- work/dc20ctrl-0.4/pixmaps.c Tue Feb 17 09:19:47 1998 ++++ pixmaps.c Mon Feb 5 18:42:18 2001 +@@ -504,26 +504,32 @@ + * Build the image name + */ + +- strcpy(fname, name); +- strcat(fname, "."); ++ if (strlcpy(fname, name, sizeof(fname)) >= sizeof(fname)) ++ return -1; ++ if (strlcat(fname, ".", sizeof(fname)) >= sizeof(fname)) ++ return -1; + switch (format & SAVE_FORMATS) { + #ifdef USE_JPEG + case SAVE_JPEG: +- strcat(fname, JPEG_EXT); ++ if (strlcat(fname, JPEG_EXT, sizeof(fname)) >= sizeof(fname)) ++ return -1; + break; + #endif /* USE_JPEG */ + #ifdef USE_TIFF + case SAVE_TIFF: +- strcat(fname, TIFF_EXT); ++ if (strlcat(fname, TIFF_EXT, sizeof(fname)) >= sizeof(fname)) ++ return -1; + break; + #endif /* USE_TIFF */ + #ifdef USE_PNG + case SAVE_PNG: +- strcat(fname, PNG_EXT); ++ if (strlcat(fname, PNG_EXT, sizeof(fname)) >= sizeof(fname)) ++ return -1; + break; + #endif /* USE_PNG */ + default: +- strcat(fname, (to_be_saved->components == 3) ? PPM_EXT : PGM_EXT ); ++ if (strlcat(fname, (to_be_saved->components == 3) ? PPM_EXT : PGM_EXT, sizeof(fname)) >= sizeof(fname)) ++ return -1; + break; + } + +Only in dc20ctrl-0.4/: rep diff --git a/graphics/dc20ctrl/files/patch-ae b/graphics/dc20ctrl/files/patch-ae new file mode 100644 index 000000000000..476e9d7510b5 --- /dev/null +++ b/graphics/dc20ctrl/files/patch-ae @@ -0,0 +1,23 @@ +diff -ru work/dc20ctrl-0.4/session.c dc20ctrl-0.4/session.c +--- work/dc20ctrl-0.4/session.c Tue Feb 17 09:19:47 1998 ++++ session.c Mon Feb 5 18:53:30 2001 +@@ -58,7 +58,8 @@ + if (!quiet) fprintf(stderr, "%s: get_session: error: cannot get home directory\n", __progname); + return -1; + } +- sprintf(rc_name, "%s/" RC_NAME, home_dir); ++ if (snprintf(rc_name, sizeof(rc_name), "%s/" RC_NAME, home_dir) >= sizeof(rc_name)) ++ return -1; + if ((rcd = open(rc_name, O_RDWR | O_CREAT, 0644)) < 0) { + if (!quiet) fprintf(stderr, "%s: get_session: warning: cannot open rc file\n", __progname); + } +@@ -84,7 +85,8 @@ + if (!quiet) fprintf(stderr, "%s: put_session: error: cannot get home directory\n", __progname); + return -1; + } +- sprintf(rc_name, "%s/" RC_NAME, home_dir); ++ if (snprintf(rc_name, sizeof(rc_name), "%s/" RC_NAME, home_dir) >= sizeof(rc_name)) ++ return -1; + if ((rcd = open(rc_name, O_RDWR | O_CREAT, 0644)) < 0) { + if (!quiet) fprintf(stderr, "%s: put_session: warning: cannot open rc file\n", __progname); + } diff --git a/graphics/dc20ctrl/files/patch-af b/graphics/dc20ctrl/files/patch-af new file mode 100644 index 000000000000..e4f2ff760651 --- /dev/null +++ b/graphics/dc20ctrl/files/patch-af @@ -0,0 +1,14 @@ +diff -ru work/dc20ctrl-0.4/thumbs_to_file.c dc20ctrl-0.4/thumbs_to_file.c +--- work/dc20ctrl-0.4/thumbs_to_file.c Tue Feb 17 09:19:47 1998 ++++ thumbs_to_file.c Mon Feb 5 18:51:27 2001 +@@ -67,8 +67,8 @@ + } + } + +- sprintf(file, base_name, i+1); +- ++ if (snprintf(file, sizeof(file), base_name, i+1) >= sizeof(file)) ++ return -1; + save_pixmap(pp, file, (orientation_mask >> (i*2)) & ROT_MASK, format); + } + } diff --git a/graphics/dc20ctrl/files/patch-ag b/graphics/dc20ctrl/files/patch-ag new file mode 100644 index 000000000000..afa1b69661ec --- /dev/null +++ b/graphics/dc20ctrl/files/patch-ag @@ -0,0 +1,13 @@ +diff -ru work/dc20ctrl-0.4/convert_pic.c dc20ctrl-0.4/convert_pic.c +--- work/dc20ctrl-0.4/convert_pic.c Tue Feb 17 09:19:46 1998 ++++ convert_pic.c Mon Feb 5 18:43:44 2001 +@@ -166,7 +166,8 @@ + * Remove the extension (.cmt) from the file name + */ + +- strcpy(file, base_name); ++ if (strlcpy(file, base_name, sizeof(file)) >= sizeof(file)) ++ return -1; + if ((extp = strrchr(file, '.')) != NULL) + *extp = '\0'; + diff --git a/graphics/dc20ctrl/files/patch-ah b/graphics/dc20ctrl/files/patch-ah new file mode 100644 index 000000000000..adf382e60a13 --- /dev/null +++ b/graphics/dc20ctrl/files/patch-ah @@ -0,0 +1,84 @@ +--- main.c.orig Wed Feb 18 02:34:18 1998 ++++ main.c Mon Feb 5 19:32:38 2001 +@@ -169,7 +169,7 @@ + *pivot3; + int result = 0, + i, +- first, ++ first = 0, + last, + orientation = ROT_STRAIGHT, + this_orientation; +@@ -195,11 +195,14 @@ + } + this_orientation = orientation; /* sets default orientation */ + strsep(&pivot2, "-"); +- first = strtol(string, &pivot3, 10); +- if (first < 1 || first > 16) { +- if (!quiet) fprintf(stderr, "%s: parse_pics: error: out of range %d\n", __progname, first); +- return -1; ++ if (string != NULL) { ++ first = strtol(string, &pivot3, 10); ++ if (first < 1 || first > 16) { ++ if (!quiet) fprintf(stderr, "%s: parse_pics: error: out of range %d\n", __progname, first); ++ return -1; ++ } + } ++ + if (pivot2) { + if (*pivot3) { + if (!quiet) fprintf(stderr, "%s: parse_pics: error: extraneous characters '%s' in %d%s-%s\n", __progname, pivot3, first, pivot3, pivot2); +@@ -216,8 +219,8 @@ + } else { + last = first; + } +- +- if (*pivot3) { ++ ++ if (pivot3 && *pivot3) { + /* + * "numberorientation" + */ +@@ -245,7 +248,7 @@ + * Main program: parse switches and take actions + */ + +-void main(int argc, char *argv[]) ++int main(int argc, char *argv[]) + { + int curopt, + actions = 0, +@@ -503,17 +506,29 @@ + clock = time(NULL); + + if (pics_pre) { +- sprintf(pics_name, "%s_%%d.%%s", pics_pre); ++ if (snprintf(pics_name, sizeof(pics_name), "%s_%%d.%%s", pics_pre) >= sizeof(pics_name)) { ++ fprintf(stderr, "%s: error: filename too long\n", __progname); ++ exit(1); ++ } + } else { + strftime(name_template, NAME_LEN, "%%s_%Y_%m_%d_%%d_%%%%d.%%%%s", localtime(&clock)); +- sprintf(pics_name, name_template, "pic", session); ++ if (snprintf(pics_name, sizeof(pics_name), name_template, "pic", session) >= sizeof(pics_name)) { ++ fprintf(stderr, "%s: error: filename too long\n", __progname); ++ exit(1); ++ } + } + + if (thumbs_pre) { +- sprintf(thumbs_name, "%s_%%d", thumbs_pre); ++ if (snprintf(thumbs_name, sizeof(thumbs_name), "%s_%%d", thumbs_pre) >= sizeof(thumbs_name)) { ++ fprintf(stderr, "%s: error: filename too long\n", __progname); ++ exit(1); ++ } + } else { + strftime(name_template, NAME_LEN, "%%s_%Y_%m_%d_%%d_%%%%d", localtime(&clock)); +- sprintf(thumbs_name, name_template, "thumb", session); ++ if (snprintf(thumbs_name, sizeof(thumbs_name), name_template, "thumb", session) >= sizeof(thumbs_name)) { ++ fprintf(stderr, "%s: error: filename too long\n", __progname); ++ exit(1); ++ } + } + + if (actions == 0) { |