authorDirk Meyer <dinoex@FreeBSD.org>2022-03-14 10:06:07 +0000
committerDirk Meyer <dinoex@FreeBSD.org>2022-03-14 10:06:07 +0000
commit4b378d2f8e9d27a16581898baa5bc92816ebc185 (patch)
treee614a5246d8a98fca950b7352ac83750f59759da
parent3d0b738e145f6903c6987ca0c58cbceac51d9c7e (diff)
print/a2ps: use safer patches and comment CVEs
-rw-r--r--print/a2ps/Makefile7
-rw-r--r--print/a2ps/files/patch-routines.c53
-rw-r--r--print/a2ps/files/patch-routines.h12
3 files changed, 71 insertions, 1 deletions
diff --git a/print/a2ps/Makefile b/print/a2ps/Makefile
index 0f87796cda36..e11279b47ce5 100644
--- a/print/a2ps/Makefile
+++ b/print/a2ps/Makefile
@@ -2,7 +2,7 @@
PORTNAME= a2ps
PORTVERSION= 4.13b
-PORTREVISION= 15
+PORTREVISION= 16
CATEGORIES= print
MASTER_SITES= GNU LOCAL/hrs/a2ps/:i18n
@@ -23,6 +23,11 @@ INFO= a2ps ogonkify regex
WRKSRC= ${WRKDIR}/${PORTNAME}-4.13
I18N_PACKAGE= i18n-fonts-0.1
CPE_VENDOR= gnu
+# CVE-2015-8107 fixed in files/patch-output.c
+# CVE-2014-0466 fixed in files/patch-fixps.in
+# CVE-2004-1377 fixed in files/patch-fixps.in files/patch-contrib-tmpdircreation
+# CVE-2004-1170 fixed in files/patch-select.c
+# CVE-2001-1593 fixed in files/patch-routines.[hc]
CONFIGURE_ARGS= --with-medium=libpaper --sharedstatedir=${PREFIX}/share \
--sysconfdir=${PREFIX}/etc --datadir=${PREFIX}/share \
diff --git a/print/a2ps/files/patch-routines.c b/print/a2ps/files/patch-routines.c
new file mode 100644
index 000000000000..c59557984912
--- /dev/null
+++ b/print/a2ps/files/patch-routines.c
@@ -0,0 +1,53 @@
+--- lib/routines.c.orig 1999-10-16 04:46:37 UTC
++++ lib/routines.c
+@@ -242,3 +242,50 @@ unlink2 (PARAM_UNUSED void * dummy, const char * filen
+ /* Don't complain if you can't unlink. Who cares of a tmp file? */
+ unlink (filename);
+ }
++
++/*
++ * Securely generate a temp file, and make sure it gets
++ * deleted upon exit.
++ */
++static char ** tempfiles;
++static unsigned ntempfiles;
++
++static void
++cleanup_tempfiles()
++{
++ while (ntempfiles--)
++ unlink(tempfiles[ntempfiles]);
++}
++
++char *
++safe_tempnam(const char *pfx)
++{
++ char *dirname, *filename;
++ int fd;
++
++ if (!(dirname = getenv("TMPDIR")))
++ dirname = "/tmp";
++
++ tempfiles = (char **) realloc(tempfiles,
++ (ntempfiles+1) * sizeof(char *));
++ if (tempfiles == NULL)
++ return NULL;
++
++ filename = malloc(strlen(dirname) + strlen(pfx) + sizeof("/XXXXXX"));
++ if (!filename)
++ return NULL;
++
++ sprintf(filename, "%s/%sXXXXXX", dirname, pfx);
++
++ if ((fd = mkstemp(filename)) < 0) {
++ free(filename);
++ return NULL;
++ }
++ close(fd);
++
++ if (ntempfiles == 0)
++ atexit(cleanup_tempfiles);
++ tempfiles[ntempfiles++] = filename;
++
++ return filename;
++}
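Review bot: In safe_tempnam the realloc() result is assigned straight back to `tempfiles`, so on allocation failure the existing list is lost while `ntempfiles` stays non-zero; the atexit handler cleanup_tempfiles() would then index a NULL array and the earlier temp files would never be unlinked. Grow through a temporary instead: `char **grown = realloc(tempfiles, (ntempfiles + 1) * sizeof *grown);`, `if (grown == NULL) return NULL;`, `tempfiles = grown;`. The returned string is also kept in the list, so a caller that frees it would leave a dangling pointer for the exit-time unlink(); whether any a2ps caller does that is not visible in this hunk and is worth checking. Because the descriptor is closed and only the path is handed back, the caller reopens by name, which is only as safe as the directory named by TMPDIR (a non-sticky, shared directory would still allow the file to be replaced in between).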
diff --git a/print/a2ps/files/patch-routines.h b/print/a2ps/files/patch-routines.h
new file mode 100644
index 000000000000..68a01d5e2325
--- /dev/null
+++ b/print/a2ps/files/patch-routines.h
@@ -0,0 +1,12 @@
+--- lib/routines.h.orig 1999-10-18 20:24:41 UTC
++++ lib/routines.h
+@@ -255,7 +255,8 @@ FILE * xwpopen PARAMS ((const char * command));
+ /* If _STR_ is not defined, give it a tempname in _TMPDIR_ */
+ #define tempname_ensure(Str) \
+ do { \
+- (Str) = (Str) ? (Str) : tempnam (NULL, "a2_"); \
++ (Str) = (Str) ? (Str) : safe_tempnam("a2_"); \
+ } while (0)
++char * safe_tempnam(const char *);
+
+ #endif
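Review bot: The comment above tempname_ensure still describes handing out a name, but with safe_tempnam the macro now creates the file and registers it for deletion at exit, and the header does not say so. Suggest rewording it to `/* If _STR_ is not defined, create an empty temp file in $TMPDIR (or /tmp) and give _STR_ its name; the file is unlinked at exit, the string must not be freed by the caller, and _STR_ is NULL on failure. */`. The new prototype is also a plain ANSI declaration while the neighbouring xwpopen uses `PARAMS ((...))`; `char * safe_tempnam PARAMS ((const char * pfx));` would match the header's convention.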