aboutsummaryrefslogtreecommitdiffstats
path: root/ftp/gftp
diff options
context:
space:
mode:
authormiwi <miwi@FreeBSD.org>2007-11-06 05:54:46 +0800
committermiwi <miwi@FreeBSD.org>2007-11-06 05:54:46 +0800
commit8531a605706e1563902c5bd4ac41a1d5fb9f035a (patch)
tree63c74db396b687758acbed46fe3ccd171bc97bee /ftp/gftp
parentc70d01c422fdc726536130b6c683aeac159cbb1e (diff)
downloadfreebsd-ports-gnome-8531a605706e1563902c5bd4ac41a1d5fb9f035a.tar.gz
freebsd-ports-gnome-8531a605706e1563902c5bd4ac41a1d5fb9f035a.tar.zst
freebsd-ports-gnome-8531a605706e1563902c5bd4ac41a1d5fb9f035a.zip
- Kalle Olavi Niemitalo discovered two boundary errors in fsplib code
included in gFTP when processing overly long directory or file names. - Bump PORTREVISION Reviewed by: simon Approved by: portmgr (erwin) Obtained from: gentoo cvs Security: http://www.vuxml.org/freebsd/f8b0f83c-8bb3-11dc-bffa-0016179b2dd5.html
Diffstat (limited to 'ftp/gftp')
-rw-r--r--ftp/gftp/Makefile2
-rw-r--r--ftp/gftp/files/patch-lib-fsplib_fsplib.c47
-rw-r--r--ftp/gftp/files/patch-lib-fsplib_fsplib.h24
3 files changed, 72 insertions, 1 deletions
diff --git a/ftp/gftp/Makefile b/ftp/gftp/Makefile
index 43275c0bdbf9..88b428064136 100644
--- a/ftp/gftp/Makefile
+++ b/ftp/gftp/Makefile
@@ -7,7 +7,7 @@
PORTNAME= gftp
PORTVERSION= 2.0.18
-PORTREVISION= 5
+PORTREVISION= 6
CATEGORIES= ftp
MASTER_SITES= http://gftp.seul.org/ \
ftp://gftp.seul.org/pub/gftp/
diff --git a/ftp/gftp/files/patch-lib-fsplib_fsplib.c b/ftp/gftp/files/patch-lib-fsplib_fsplib.c
new file mode 100644
index 000000000000..151b3bfb8c2d
--- /dev/null
+++ b/ftp/gftp/files/patch-lib-fsplib_fsplib.c
@@ -0,0 +1,47 @@
+--- lib/fsplib/fsplib.c.orig 2005-01-19 03:03:45.000000000 +0100
++++ lib/fsplib/fsplib.c 2007-11-05 16:37:32.000000000 +0100
+@@ -612,7 +612,7 @@
+ entry->d_reclen = fentry.reclen;
+ strncpy(entry->d_name,fentry.name,MAXNAMLEN);
+
+- if (fentry.namlen > MAXNAMLEN)
++ if (fentry.namlen >= MAXNAMLEN)
+ {
+ entry->d_name[MAXNAMLEN + 1 ] = '\0';
+ #ifdef HAVE_NAMLEN
+@@ -680,9 +680,19 @@
+ /* skip file date and file size */
+ dir->dirpos += 9;
+ /* read file name */
+- entry->name[255 + 1] = '\0';
++ entry->name[255] = '\0';
+ strncpy(entry->name,(char *)( dir->data + dir->dirpos ),MAXNAMLEN);
++ /* check for ASCIIZ encoded filename */
++ if (memchr(dir->data + dir->dirpos,0,dir->datasize - dir->dirpos) != NULL)
++ {
+ namelen = strlen( (char *) dir->data+dir->dirpos);
++ }
++ else
++ {
++ /* \0 terminator not found at end of filename */
++ *result = NULL;
++ return 0;
++ }
+ /* skip over file name */
+ dir->dirpos += namelen +1;
+
+@@ -709,12 +719,12 @@
+
+ struct dirent * fsp_readdir(FSP_DIR *dirp)
+ {
+- static struct dirent entry;
++ static dirent_workaround entry;
+ struct dirent *result;
+
+
+ if (dirp == NULL) return NULL;
+- if ( fsp_readdir_r(dirp,&entry,&result) )
++ if ( fsp_readdir_r(dirp,&entry.dirent,&result) )
+ return NULL;
+ else
+ return result;
diff --git a/ftp/gftp/files/patch-lib-fsplib_fsplib.h b/ftp/gftp/files/patch-lib-fsplib_fsplib.h
new file mode 100644
index 000000000000..5d2d7449b053
--- /dev/null
+++ b/ftp/gftp/files/patch-lib-fsplib_fsplib.h
@@ -0,0 +1,24 @@
+--- lib/fsplib/fsplib.h.orig 2005-01-19 03:04:02.000000000 +0100
++++ lib/fsplib/fsplib.h 2007-11-05 16:37:32.000000000 +0100
+@@ -1,6 +1,8 @@
+ #ifndef _FSPLIB_H
+ #define _FSPLIB_H 1
+ #include <time.h>
++#include <stddef.h>
++
+ /* The FSP v2 protocol support library - public interface */
+
+ /*
+@@ -138,6 +140,12 @@
+ unsigned int pos; /* position of next packet */
+ } FSP_FILE;
+
++
++typedef union dirent_workaround {
++ struct dirent dirent;
++ char fill[offsetof (struct dirent, d_name) + MAXNAMLEN + 1];
++} dirent_workaround;
++
+ /* function prototypes */
+
+ /* session management */