diff options
author | Mike Frysinger <vapier@gentoo.org> | 2007-02-10 18:44:27 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2007-02-10 18:44:27 +0000 |
commit | 13d82108806be8b3345472302711eb385597c5ec (patch) | |
tree | 6b1a9b4092110152cab2faf2e859631f350f9d6e /sys-apps/findutils | |
parent | remove vulnerable versions (diff) | |
download | historical-13d82108806be8b3345472302711eb385597c5ec.tar.gz historical-13d82108806be8b3345472302711eb385597c5ec.tar.bz2 historical-13d82108806be8b3345472302711eb385597c5ec.zip |
Fix segfault when given a non-numeric value to some options #166233 by Rafal Wijata.
Package-Manager: portage-2.1.2-r9
Diffstat (limited to 'sys-apps/findutils')
-rw-r--r-- | sys-apps/findutils/ChangeLog | 10 | ||||
-rw-r--r-- | sys-apps/findutils/Manifest | 27 | ||||
-rw-r--r-- | sys-apps/findutils/files/digest-findutils-4.3.2-r1 | 3 | ||||
-rw-r--r-- | sys-apps/findutils/files/findutils-4.3.2-check-insert-num-ret.patch | 61 | ||||
-rw-r--r-- | sys-apps/findutils/findutils-4.3.2-r1.ebuild | 64 |
5 files changed, 156 insertions, 9 deletions
diff --git a/sys-apps/findutils/ChangeLog b/sys-apps/findutils/ChangeLog index 847b9bf9e227..08c9ac19c2ef 100644 --- a/sys-apps/findutils/ChangeLog +++ b/sys-apps/findutils/ChangeLog @@ -1,6 +1,14 @@ # ChangeLog for sys-apps/findutils # Copyright 1999-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/sys-apps/findutils/ChangeLog,v 1.96 2007/01/05 09:10:55 flameeyes Exp $ +# $Header: /var/cvsroot/gentoo-x86/sys-apps/findutils/ChangeLog,v 1.97 2007/02/10 18:44:27 vapier Exp $ + +*findutils-4.3.2-r1 (10 Feb 2007) + + 10 Feb 2007; Mike Frysinger <vapier@gentoo.org> + +files/findutils-4.3.2-check-insert-num-ret.patch, + +findutils-4.3.2-r1.ebuild: + Fix segfault when given a non-numeric value to some options #166233 by Rafal + Wijata. 05 Jan 2007; Diego Pettenò <flameeyes@gentoo.org> findutils-4.1.20-r2.ebuild: diff --git a/sys-apps/findutils/Manifest b/sys-apps/findutils/Manifest index fd118beeb7c7..2242f7869df6 100644 --- a/sys-apps/findutils/Manifest +++ b/sys-apps/findutils/Manifest @@ -33,6 +33,10 @@ AUX findutils-4.3.1-sv-bug-17490.patch 1563 RMD160 d671c0569c6cb26f7a85c3460e980 MD5 2ffa34f94dc91609bc2509a4bf4a916b files/findutils-4.3.1-sv-bug-17490.patch 1563 RMD160 d671c0569c6cb26f7a85c3460e98038c28fa6674 files/findutils-4.3.1-sv-bug-17490.patch 1563 SHA256 0421f9c8c946acdd104928a4f2eb50de303f97530515a616ccad081a2bb27094 files/findutils-4.3.1-sv-bug-17490.patch 1563 +AUX findutils-4.3.2-check-insert-num-ret.patch 1659 RMD160 912f83c868dcf56453af2970d7fdf08211d9f457 SHA1 811b87787f4931327c586b1ea617110ae6e9fded SHA256 815e02b792f8dd5fe8729319b3c98cf806cef127dab787b41e3a86dfefeabb47 +MD5 596b56ea812bfda9da3088a998aeeaef files/findutils-4.3.2-check-insert-num-ret.patch 1659 +RMD160 912f83c868dcf56453af2970d7fdf08211d9f457 files/findutils-4.3.2-check-insert-num-ret.patch 1659 +SHA256 815e02b792f8dd5fe8729319b3c98cf806cef127dab787b41e3a86dfefeabb47 files/findutils-4.3.2-check-insert-num-ret.patch 1659 AUX findutils-env-size.patch 672 RMD160 8a88bf1346d7c54bf9936a037975558e4490e5c2 SHA1 0eb4276b7ef05529938a84696f6565f35d36811c SHA256 5d83294b209acbe6dc12b941becc0556e86a80d5f4de4ab3af4dd1c182b7af95 MD5 0315b5033cf65d15f24b1c252070db45 files/findutils-env-size.patch 672 RMD160 8a88bf1346d7c54bf9936a037975558e4490e5c2 files/findutils-env-size.patch 672 @@ -76,14 +80,18 @@ EBUILD findutils-4.3.1.ebuild 1743 RMD160 8fb6d72929a70bebf369594f54c986c1c8d774 MD5 052e3c215a49d27819350e4f8559f770 findutils-4.3.1.ebuild 1743 RMD160 8fb6d72929a70bebf369594f54c986c1c8d7748f findutils-4.3.1.ebuild 1743 SHA256 c24f812efec1364127f3c53fa8178039134319471aff3247a0b849a33ce6b3a4 findutils-4.3.1.ebuild 1743 +EBUILD findutils-4.3.2-r1.ebuild 1796 RMD160 df39908aeaa0d4b087444c555bf604131b25f53f SHA1 3785ba150f5a72a684cc796081c0b1fad9e9aa45 SHA256 5c0273ec4dddbd8f3b5c8cd12d77850f6080918cc559acfdf391b7778f055cf0 +MD5 103b51eb09eddd6b860aadaac609d12e findutils-4.3.2-r1.ebuild 1796 +RMD160 df39908aeaa0d4b087444c555bf604131b25f53f findutils-4.3.2-r1.ebuild 1796 +SHA256 5c0273ec4dddbd8f3b5c8cd12d77850f6080918cc559acfdf391b7778f055cf0 findutils-4.3.2-r1.ebuild 1796 EBUILD findutils-4.3.2.ebuild 1733 RMD160 84debd315da4937e7c5b536809b1790073f7c27b SHA1 88b2af16861fe27055c2222bcf434b2360d2a5e4 SHA256 36b40dab00b3d9dac56ec58d34546690089c9637bb3d1cd781f3a0050796f155 MD5 b049070dc5e19447a7d88ba11282e7f4 findutils-4.3.2.ebuild 1733 RMD160 84debd315da4937e7c5b536809b1790073f7c27b findutils-4.3.2.ebuild 1733 SHA256 36b40dab00b3d9dac56ec58d34546690089c9637bb3d1cd781f3a0050796f155 findutils-4.3.2.ebuild 1733 -MISC ChangeLog 14281 RMD160 d1fcae8ad01ccd9f8dddab9ef1a86148d4f07e14 SHA1 3e1a1058042f1af315461c36124f1a12f2b1383e SHA256 a394d798cc18c1ce6b324fdb0e9af1755887ca6bc7c8e1d57fda147a0f444848 -MD5 f3153a175099368fe54977e214984666 ChangeLog 14281 -RMD160 d1fcae8ad01ccd9f8dddab9ef1a86148d4f07e14 ChangeLog 14281 -SHA256 a394d798cc18c1ce6b324fdb0e9af1755887ca6bc7c8e1d57fda147a0f444848 ChangeLog 14281 +MISC ChangeLog 14536 RMD160 b3c0049429316bf6eff4b92a5d29dad22aed57b2 SHA1 067b391de99971dfef3d3728c65f1e45f57253ca SHA256 c85588fe2850ef207d64dec4b7c10ad49688e5263737413b405f24da77e42ee2 +MD5 7fb8e11e57e0a939b3a8f87e03f224df ChangeLog 14536 +RMD160 b3c0049429316bf6eff4b92a5d29dad22aed57b2 ChangeLog 14536 +SHA256 c85588fe2850ef207d64dec4b7c10ad49688e5263737413b405f24da77e42ee2 ChangeLog 14536 MISC metadata.xml 165 RMD160 84307ea324cd4f0f46d52f2fa096a1873e2fbe53 SHA1 c7b83ef947fe7e8273cc512fee9bba06586a58f9 SHA256 23a8851c12bd4cf7cf0528250ad5605be6b0780bbec0c51331d6d2c618c13f6a MD5 6fe58567b648100d4ff11902921b6889 metadata.xml 165 RMD160 84307ea324cd4f0f46d52f2fa096a1873e2fbe53 metadata.xml 165 @@ -112,10 +120,13 @@ SHA256 9d6fcf207ab4e0b103a067c7c109cb25f2f07a732935435552ca04f582e1c2d1 files/di MD5 babec93d11d1ea9f0a50ff468c695967 files/digest-findutils-4.3.2 250 RMD160 35b88aafc1d8b38a19c130ff6a936e604eb9067d files/digest-findutils-4.3.2 250 SHA256 920a01ea70e5a990e2bafcf00a0378b2c9aed6f4ed2c17a8a98a995c73ab4e40 files/digest-findutils-4.3.2 250 +MD5 babec93d11d1ea9f0a50ff468c695967 files/digest-findutils-4.3.2-r1 250 +RMD160 35b88aafc1d8b38a19c130ff6a936e604eb9067d files/digest-findutils-4.3.2-r1 250 +SHA256 920a01ea70e5a990e2bafcf00a0378b2c9aed6f4ed2c17a8a98a995c73ab4e40 files/digest-findutils-4.3.2-r1 250 -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.1 (GNU/Linux) +Version: GnuPG v2.0.2 (GNU/Linux) -iD8DBQFFnhYnAiZjviIA2XgRAqFsAKCWy7Q4nh5ihbfW3mN4VrzlS0EweQCgsqVC -chwwvqoiIlfpKST1WWC8GWM= -=EGp6 +iD8DBQFFzhKd8bi6rjpTunYRApCCAJ982PC/7gDcENYR8zDABC42vbSCJQCg2GT1 +YDLpc83F5iu8fS/qgfoVxDY= +=j1dv -----END PGP SIGNATURE----- diff --git a/sys-apps/findutils/files/digest-findutils-4.3.2-r1 b/sys-apps/findutils/files/digest-findutils-4.3.2-r1 new file mode 100644 index 000000000000..353698fff53b --- /dev/null +++ b/sys-apps/findutils/files/digest-findutils-4.3.2-r1 @@ -0,0 +1,3 @@ +MD5 a9264d0ebbdb6d9fad8aa53926519efa findutils-4.3.2.tar.gz 1307352 +RMD160 1d7b7c253b4af8c03558ad3d13512375150e1a2a findutils-4.3.2.tar.gz 1307352 +SHA256 fbb3f2136f98527d7ba2c3e67d432d5967bdf251f247165a2ba62d4221740477 findutils-4.3.2.tar.gz 1307352 diff --git a/sys-apps/findutils/files/findutils-4.3.2-check-insert-num-ret.patch b/sys-apps/findutils/files/findutils-4.3.2-check-insert-num-ret.patch new file mode 100644 index 000000000000..a406b7098f80 --- /dev/null +++ b/sys-apps/findutils/files/findutils-4.3.2-check-insert-num-ret.patch @@ -0,0 +1,61 @@ +If insert_num() is given an invalid value, it returns NULL, so we need to +check its return at each instance. + +http://bugs.gentoo.org/166233 + +--- findutils-4.3.2/find/parser.c ++++ findutils-4.3.2/find/parser.c +@@ -847,8 +847,10 @@ + parse_gid (const struct parser_table* entry, char **argv, int *arg_ptr) + { + struct predicate *p = insert_num (argv, arg_ptr, entry); ++ if (p == NULL) ++ return false; + p->est_success_rate = (p->args.info.l_val < 100) ? 0.99 : 0.2; +- return p; ++ return true; + } + + static boolean +@@ -1010,9 +1012,11 @@ + parse_inum (const struct parser_table* entry, char **argv, int *arg_ptr) + { + struct predicate *p = insert_num (argv, arg_ptr, entry); ++ if (p == NULL) ++ return false; + /* inode number is exact match only, so very low proportions of files match */ + p->est_success_rate = 1e-6; +- return p; ++ return true; + } + + /* -ipath is deprecated (at RMS's request) in favour of +@@ -1057,13 +1061,15 @@ + parse_links (const struct parser_table* entry, char **argv, int *arg_ptr) + { + struct predicate *p = insert_num (argv, arg_ptr, entry); ++ if (p == NULL) ++ return false; + if (p->args.info.l_val == 1) + p->est_success_rate = 0.99; + else if (p->args.info.l_val == 2) + p->est_success_rate = 0.01; + else + p->est_success_rate = 1e-3; +- return p; ++ return true; + } + + static boolean +@@ -1835,8 +1841,10 @@ + parse_uid (const struct parser_table* entry, char **argv, int *arg_ptr) + { + struct predicate *p = insert_num (argv, arg_ptr, entry); ++ if (p == NULL) ++ return false; + p->est_success_rate = (p->args.info.l_val < 100) ? 0.99 : 0.2; +- return p; ++ return true; + } + + static boolean diff --git a/sys-apps/findutils/findutils-4.3.2-r1.ebuild b/sys-apps/findutils/findutils-4.3.2-r1.ebuild new file mode 100644 index 000000000000..99265beda3ff --- /dev/null +++ b/sys-apps/findutils/findutils-4.3.2-r1.ebuild @@ -0,0 +1,64 @@ +# Copyright 1999-2007 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/sys-apps/findutils/findutils-4.3.2-r1.ebuild,v 1.1 2007/02/10 18:44:27 vapier Exp $ + +inherit eutils flag-o-matic toolchain-funcs multilib + +SELINUX_PATCH="findutils-4.3.1-selinux.diff" + +DESCRIPTION="GNU utilities for finding files" +HOMEPAGE="http://www.gnu.org/software/findutils/findutils.html" +# SRC_URI="mirror://gnu/${PN}/${P}.tar.gz mirror://gentoo/${P}.tar.gz" +SRC_URI="ftp://alpha.gnu.org/gnu/${PN}/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="alpha amd64 arm hppa ia64 m68k ~mips ppc ppc64 s390 sh sparc x86 ~x86-fbsd" +IUSE="nls selinux static" + +RDEPEND="selinux? ( sys-libs/libselinux ) + nls? ( virtual/libintl )" +DEPEND="${RDEPEND} + nls? ( sys-devel/gettext )" + +src_unpack() { + unpack ${A} + cd "${S}" + + epatch "${FILESDIR}"/${P}-check-insert-num-ret.patch #166233 + + # Don't build or install locate because it conflicts with slocate, + # which is a secure version of locate. See bug 18729 + sed -i '/^SUBDIRS/s/locate//' Makefile.in + + # Patches for selinux + use selinux && epatch "${FILESDIR}/${SELINUX_PATCH}" + + if ! has userpriv ${FEATURES} ; then + sed -i '/access.exp/d' find/testsuite/Makefile.in + rm -f find/testsuite/find.gnu/access.{exp,xo} + fi +} + +src_compile() { + use static && append-ldflags -static + + local myconf + use userland_GNU || myconf=" --program-prefix=g" + + if echo "#include <regex.h>" | $(tc-getCPP) > /dev/null ; then + myconf="${myconf} --without-included-regex" + fi + + econf \ + $(use_enable nls) \ + --libexecdir=/usr/$(get_libdir)/find \ + ${myconf} \ + || die "configure failed" + emake AR="$(tc-getAR)" || die "make failed" +} + +src_install() { + emake DESTDIR="${D}" install || die + dodoc NEWS README TODO ChangeLog +} |