- Fixes buffer overflow about GECOS field [1]

- also fix a bug arround high-score [1]
- create files/patches-* for submission [2]
- portsrevision bump [2]
- entry into vulnxml for < 1.51_3 460118c0-2bde-11e1-bd69-001143cd36d8 [2]

PR:		ports/163274 [1]
Submitted by:	Tsurutani Naoki <turutani@scphys.kyoto-u.ac.jp> (maintainer) [1]
Reviewed by:	scheidell [2]
Approved by:	gabor (mentor)

4 files changed, 52 insertions, 1 deletions

diff --git a/games/xshisen/Makefile b/games/xshisen/Makefile
index efa5105bc610..717492c453ad 100644
--- a/games/xshisen/Makefile
+++ b/games/xshisen/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	xshisen
 PORTVERSION=	1.51
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	games
 MASTER_SITES=	LOCAL
 MASTER_SITE_SUBDIR=	hrs
diff --git a/games/xshisen/files/patch-components.h b/games/xshisen/files/patch-components.h
new file mode 100644
index 000000000000..334d9f99c6eb
--- /dev/null
+++ b/games/xshisen/files/patch-components.h
@@ -0,0 +1,12 @@
+--- components.h.orig	2002-07-07 16:34:23.000000000 +0900
++++ components.h	2011-12-07 11:31:45.000000000 +0900
+@@ -61,6 +61,8 @@
+ #define HNUM  (PKIND*2)      // Number of pairs to pick up
+ #define SCORENUM  10         // Number of people to register in high-score
+ #define NAMELEN   28         // Length of name in high-score
++#define NBUFLEN  127         // Length of namebuf-1
++#define GECOSLEN (NBUFLEN-12)    // Length for GECOS field-1
+ 
+ class Timer {
+ private:
+
diff --git a/games/xshisen/files/patch-main.c b/games/xshisen/files/patch-main.c
new file mode 100644
index 000000000000..a16e9bf51d11
--- /dev/null
+++ b/games/xshisen/files/patch-main.c
@@ -0,0 +1,12 @@
+--- main.C.orig	2002-07-07 16:33:55.000000000 +0900
++++ main.C	2011-12-07 11:56:13.000000000 +0900
+@@ -210,7 +210,7 @@
+     char buffer[100], *p;
+     char *(*codeconv)(const char*);
+ 
+-    strcpy(buffer, operation);
++    strncpy(buffer, operation, 99);
+     if (strchr(buffer, '-') == NULL) {
+         strcat(buffer, "-" KANJICODE);
+     }
+
diff --git a/games/xshisen/files/patch-score.c b/games/xshisen/files/patch-score.c
new file mode 100644
index 000000000000..03b8249cf7ed
--- /dev/null
+++ b/games/xshisen/files/patch-score.c
@@ -0,0 +1,27 @@
+--- score.C.orig	2002-06-16 00:20:30.000000000 +0900
++++ score.C	2011-12-14 16:34:35.000000000 +0900
+@@ -73,7 +73,7 @@
+     date[8] = '\0';
+     strncpy(time, &buffer[53], 8);
+     time[8] = '\0';
+-    if (date[0] == '1') {
++    if (date[3] == '-') {
+         for(int i=1; i<8; i++) {
+             date[i-1] = date[i];
+         }
+@@ -372,12 +372,12 @@
+     time_t t;
+     struct tm *tp;
+     struct passwd *pw;
+-    char   namebuf[128], myname[NAMELEN+1], gecos[128], *po;
++    char   namebuf[NBUFLEN+1], myname[NAMELEN+1], gecos[GECOSLEN+1], *po;
+ 
+     s1 = scoreToRegister / 1000;
+     ms_to_hms(scoreToRegister, h, m, s);
+     pw = getpwuid(getuid());
+-    strcpy(gecos, pw->pw_gecos);
++    strncpy(gecos, pw->pw_gecos, GECOSLEN);
+     if ((po = strchr(gecos, ',')) != NULL)
+         *po = 0;
+     sprintf(namebuf, "%-8.8s (%s)", pw->pw_name, gecos);
+