summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-10-06 20:00:12 +0000
committerPeter Volkov <pva@gentoo.org>2008-10-06 20:00:12 +0000
commit85a1be2a5e44f876bf2cb0a1ff90b9a9ae952d4c (patch)
tree743926a634e4ff99024286fa167becf3e999dcc6 /app-forensics/chkrootkit
parentremove vntex block, its gone (diff)
downloadgentoo-2-85a1be2a5e44f876bf2cb0a1ff90b9a9ae952d4c.tar.gz
gentoo-2-85a1be2a5e44f876bf2cb0a1ff90b9a9ae952d4c.tar.bz2
gentoo-2-85a1be2a5e44f876bf2cb0a1ff90b9a9ae952d4c.zip
Fixed chkutmp crash, bug #184962, thank barbaz for report and Stewart Gebbie for the fix.
(Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo-r1 i686)
Diffstat (limited to 'app-forensics/chkrootkit')
-rw-r--r--app-forensics/chkrootkit/ChangeLog10
-rw-r--r--app-forensics/chkrootkit/chkrootkit-0.48-r1.ebuild (renamed from app-forensics/chkrootkit/chkrootkit-0.48.ebuild)3
-rw-r--r--app-forensics/chkrootkit/files/chkrootkit-0.48-chkutmp.c-some-overruns-fixes.patch57
3 files changed, 68 insertions, 2 deletions
diff --git a/app-forensics/chkrootkit/ChangeLog b/app-forensics/chkrootkit/ChangeLog
index d87c5a81b8b9..ae66cad83c8f 100644
--- a/app-forensics/chkrootkit/ChangeLog
+++ b/app-forensics/chkrootkit/ChangeLog
@@ -1,6 +1,14 @@
# ChangeLog for app-forensics/chkrootkit
# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/ChangeLog,v 1.47 2008/10/06 19:38:01 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/ChangeLog,v 1.48 2008/10/06 20:00:11 pva Exp $
+
+*chkrootkit-0.48-r1 (06 Oct 2008)
+
+ 06 Oct 2008; Peter Volkov <pva@gentoo.org>
+ +files/chkrootkit-0.48-chkutmp.c-some-overruns-fixes.patch,
+ -chkrootkit-0.48.ebuild, +chkrootkit-0.48-r1.ebuild:
+ Fixed chkutmp crash, bug #184962, thank barbaz for report and Stewart
+ Gebbie for the fix.
*chkrootkit-0.48 (06 Oct 2008)
diff --git a/app-forensics/chkrootkit/chkrootkit-0.48.ebuild b/app-forensics/chkrootkit/chkrootkit-0.48-r1.ebuild
index 72c739aabf37..e1f30d27d78e 100644
--- a/app-forensics/chkrootkit/chkrootkit-0.48.ebuild
+++ b/app-forensics/chkrootkit/chkrootkit-0.48-r1.ebuild
@@ -1,6 +1,6 @@
# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/chkrootkit-0.48.ebuild,v 1.1 2008/10/06 19:38:01 pva Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-forensics/chkrootkit/chkrootkit-0.48-r1.ebuild,v 1.1 2008/10/06 20:00:11 pva Exp $
inherit eutils toolchain-funcs
@@ -20,6 +20,7 @@ src_unpack() {
epatch "${WORKDIR}/${P}-gentoo.diff"
epatch "${FILESDIR}/${P}-shell-history-anomalies.diff"
+ epatch "${FILESDIR}/${P}-chkutmp.c-some-overruns-fixes.patch"
sed -i 's:/var/adm/:/var/log/:g' chklastlog.c || die "sed chklastlog.c failed"
}
diff --git a/app-forensics/chkrootkit/files/chkrootkit-0.48-chkutmp.c-some-overruns-fixes.patch b/app-forensics/chkrootkit/files/chkrootkit-0.48-chkutmp.c-some-overruns-fixes.patch
new file mode 100644
index 000000000000..09ba065a0697
--- /dev/null
+++ b/app-forensics/chkrootkit/files/chkrootkit-0.48-chkutmp.c-some-overruns-fixes.patch
@@ -0,0 +1,57 @@
+=== modified file 'chkutmp.c'
+--- chkutmp.c 2008-10-06 19:07:51 +0000
++++ chkutmp.c 2007-10-20 07:56:19 +0000
+@@ -23,6 +23,7 @@
+ *
+ * Changelog:
+ * Ighighi X - Improved speed via break command - 2005/03/27
++ * Stewart Gebbie - fixed buffer overrun bug related to MAXREAD and UT_PIDLENGTH - 2007-10-20
+ *
+ */
+
+@@ -42,7 +43,7 @@
+ #endif
+ #include <ctype.h>
+
+-#define MAXREAD 1024
++#define MAXREAD 4096
+ #define MAXBUF 4096
+ #define MAXLENGTH 256
+ #define UT_PIDSIZE 12
+@@ -57,13 +58,13 @@
+ #endif
+
+ struct ps_line {
+- char ps_tty[UT_LINESIZE];
+- char ps_user[UT_NAMESIZE];
+- char ps_args[MAXLENGTH];
++ char ps_tty[UT_LINESIZE+1];
++ char ps_user[UT_NAMESIZE+1];
++ char ps_args[MAXLENGTH+1];
+ int ps_pid;
+ };
+ struct utmp_line {
+- char ut_tty[UT_LINESIZE];
++ char ut_tty[UT_LINESIZE+1];
+ int ut_pid;
+ int ut_type;
+ };
+@@ -77,7 +78,7 @@
+ int fetchps(struct ps_line *psl_p)
+ {
+ FILE *ps_fp;
+- char line[MAXREAD + 1], pid[UT_PIDSIZE];
++ char line[MAXREAD + 1], pid[UT_PIDSIZE+1];
+ char *s, *d;
+ struct ps_line *curp = &psl_p[0];
+ struct ps_line *endp = &psl_p[MAXBUF];
+@@ -97,7 +98,7 @@
+ while (isspace(*s)) /* skip spaces */
+ s++;
+ d = pid;
+- for (x = 0; (!isspace(*s)) && (*d++ = *s++) && x <= UT_LINESIZE; x++) /* grab pid */
++ for (x = 0; (!isspace(*s)) && (*d++ = *s++) && x <= UT_PIDSIZE; x++) /* grab pid */
+ ;
+ *d = '\0';
+ curp->ps_pid = atoi(pid);
+