diff options
author | Martin Schlemmer <azarah@gentoo.org> | 2001-12-23 22:57:22 +0000 |
---|---|---|
committer | Martin Schlemmer <azarah@gentoo.org> | 2001-12-23 22:57:22 +0000 |
commit | 971506a7709a7f67dd040811f99ea95addc233df (patch) | |
tree | ba5175500b4aa8841203ddfdba5a411af6188991 /gnome-base/libgtop | |
parent | patch sysvinit not to compile sulogin during 'build' as it needs -lcrypt whic... (diff) | |
download | historical-971506a7709a7f67dd040811f99ea95addc233df.tar.gz historical-971506a7709a7f67dd040811f99ea95addc233df.tar.bz2 historical-971506a7709a7f67dd040811f99ea95addc233df.zip |
fix for remote buffer overflow
Diffstat (limited to 'gnome-base/libgtop')
-rw-r--r-- | gnome-base/libgtop/files/1.0.13-remote_buffer_overflow.diff | 16 | ||||
-rw-r--r-- | gnome-base/libgtop/files/digest-libgtop-1.0.13-r2 | 1 | ||||
-rw-r--r-- | gnome-base/libgtop/libgtop-1.0.13-r2.ebuild | 65 |
3 files changed, 82 insertions, 0 deletions
diff --git a/gnome-base/libgtop/files/1.0.13-remote_buffer_overflow.diff b/gnome-base/libgtop/files/1.0.13-remote_buffer_overflow.diff new file mode 100644 index 000000000000..1cc0380dca04 --- /dev/null +++ b/gnome-base/libgtop/files/1.0.13-remote_buffer_overflow.diff @@ -0,0 +1,16 @@ +diff -Nru libgtop-1.0.13.orig/src/daemon/gnuserv.c libgtop-1.0.13/src/daemon/gnuserv.c +--- libgtop-1.0.13.orig/src/daemon/gnuserv.c Mon Nov 26 20:37:59 2001 ++++ libgtop-1.0.13/src/daemon/gnuserv.c Tue Nov 27 09:16:16 2001 +@@ -200,6 +200,13 @@ + + auth_data_len = atoi (buf); + ++ if (auth_data_len < 1 || auth_data_len > sizeof(buf)) { ++ syslog_message(LOG_WARNING, ++ "Invalid data length supplied by client"); ++ ++ return FALSE; ++ } ++ + if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len) + return FALSE; diff --git a/gnome-base/libgtop/files/digest-libgtop-1.0.13-r2 b/gnome-base/libgtop/files/digest-libgtop-1.0.13-r2 new file mode 100644 index 000000000000..cafe39e7050d --- /dev/null +++ b/gnome-base/libgtop/files/digest-libgtop-1.0.13-r2 @@ -0,0 +1 @@ +MD5 305abba436c212f50d4be28464a14452 libgtop-1.0.13.tar.gz 1060864 diff --git a/gnome-base/libgtop/libgtop-1.0.13-r2.ebuild b/gnome-base/libgtop/libgtop-1.0.13-r2.ebuild new file mode 100644 index 000000000000..6dfaada4dcf3 --- /dev/null +++ b/gnome-base/libgtop/libgtop-1.0.13-r2.ebuild @@ -0,0 +1,65 @@ +# Copyright 1999-2000 Gentoo Technologies, Inc. +# Distributed under the terms of the GNU General Public License, v2 or later +# Author Achim Gottinger <achim@gentoo.org> +# $Header: /var/cvsroot/gentoo-x86/gnome-base/libgtop/libgtop-1.0.13-r2.ebuild,v 1.1 2001/12/23 22:57:22 azarah Exp $ + +S=${WORKDIR}/${P} +DESCRIPTION="libgtop" +SRC_URI="ftp://ftp.gnome.org/pub/GNOME/stable/sources/${PN}/${P}.tar.gz" + +HOMEPAGE="http://www.gnome.org/" + +RDEPEND=">=sys-devel/bc-1.06 + >=sys-libs/readline-4.1 + >=gnome-base/gnome-libs-1.4.1.2-r1" + +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext ) + sys-devel/perl" + + +src_unpack() { + + unpack ${A} + + # Fix a remote buffer overflow vuln. + cd ${S} + patch -p1 <${FILESDIR}/${PV}-remote_buffer_overflow.diff || die +} + +src_compile() { + + local myconf + + if [ -z "`use nls`" ] + then + myconf="--disable-nls" + fi + + ./configure --host=${CHOST} \ + --prefix=/usr \ + --sysconfdir=/etc \ + --localstatedir=/var/lib \ + --infodir=/usr/share/info \ + ${myconf} || die + + emake || die +} + +src_install() { + + cd ${S}/doc + # Add a INFO-DIR-SECTION section to the info file + patch <${FILESDIR}/libgtop.info.diff || die + cd ${S} + + make prefix=${D}/usr \ + sysconfdir=${D}/etc \ + localstatedir=${D}/var/lib \ + infodir=${D}/usr/share/info \ + install || die + + dodoc ABOUT-NLS AUTHORS COPYING* ChangeLog INSTALL LIBGTOP* + dodoc NEWS RELNOTES* README +} + |