authordinoex <dinoex@FreeBSD.org>2004-08-21 18:22:16 +0800
committerdinoex <dinoex@FreeBSD.org>2004-08-21 18:22:16 +0800
commitb0594b435d6322a6fb9f723883f7c7074ad57586 (patch)
treefec5cf540db809e81d3e4fdaa8d8dc5e50997a30 /print
parent503617f0a030ff5c463dcf9f9a2a2c2de58e5eb9 (diff)
- Security Fix
Possible execution of shell commands as local user.
PR: 70618
Submitted by: Rudolf Polzer
Diffstat (limited to 'print')
-rw-r--r--print/a2ps-letter/Makefile2
-rw-r--r--print/a2ps-letter/files/patch-etc-Makefile.in (renamed from print/a2ps-letter/files/patch-etc::Makefile.in)0
-rw-r--r--print/a2ps-letter/files/patch-lib-xgethostname.c (renamed from print/a2ps-letter/files/patch-lib::xgethostname.c)0
-rw-r--r--print/a2ps-letter/files/patch-select.c57
4 files changed, 58 insertions, 1 deletions
diff --git a/print/a2ps-letter/Makefile b/print/a2ps-letter/Makefile
index f7aac2b9486b..96dc522298e2 100644
--- a/print/a2ps-letter/Makefile
+++ b/print/a2ps-letter/Makefile
@@ -7,7 +7,7 @@
PORTNAME= a2ps
PORTVERSION= 4.13b
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= print
MASTER_SITES= ftp://ftp.enst.fr/pub/unix/a2ps/ \
${MASTER_SITE_GNU}
diff --git a/print/a2ps-letter/files/patch-etc::Makefile.in b/print/a2ps-letter/files/patch-etc-Makefile.in
index 6dddd830dcbf..6dddd830dcbf 100644
--- a/print/a2ps-letter/files/patch-etc::Makefile.in
+++ b/print/a2ps-letter/files/patch-etc-Makefile.in
diff --git a/print/a2ps-letter/files/patch-lib::xgethostname.c b/print/a2ps-letter/files/patch-lib-xgethostname.c
index 06312ddf88e3..06312ddf88e3 100644
--- a/print/a2ps-letter/files/patch-lib::xgethostname.c
+++ b/print/a2ps-letter/files/patch-lib-xgethostname.c
diff --git a/print/a2ps-letter/files/patch-select.c b/print/a2ps-letter/files/patch-select.c
new file mode 100644
index 000000000000..a2c38898fdc6
--- /dev/null
+++ b/print/a2ps-letter/files/patch-select.c
@@ -0,0 +1,57 @@
+--- src/select.c.orig Thu Dec 16 02:04:56 1999
++++ src/select.c Sat Aug 21 12:05:31 2004
+@@ -131,6 +131,36 @@
+ return 1;
+ }
+
++/* escapes the name of a file so that the shell groks it in 'single' q.marks.
++ The resulting pointer has to be free()ed when not longer used. */
++char *
++shell_escape(const char *fn)
++{
++ size_t len = 0;
++ const char *inp;
++ char *retval, *outp;
++
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': len += 4; break;
++ default: len += 1; break;
++ }
++
++ outp = retval = malloc(len + 1);
++ if(!outp)
++ return NULL; /* perhaps one should do better error handling here */
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
++ default: *outp++ = *inp; break;
++ }
++ *outp = 0;
++
++ return retval;
++}
++
+ /* What says file about the type of a file (result is malloc'd). NULL
+ if could not be run. */
+
+@@ -144,11 +174,15 @@
+ if (IS_EMPTY (job->file_command))
+ return NULL;
+
++ filename = shell_escape(filename);
++ if(filename == NULL)
++ return NULL;
+ /* Call file(1) with the correct option */
+- command = ALLOCA (char, (2
++ command = ALLOCA (char, (4
+ + strlen (job->file_command)
+ + ustrlen (filename)));
+- sprintf (command, "%s %s", job->file_command, (const char *) filename);
++ sprintf (command, "%s '%s'", job->file_command, (const char *) filename);
++ free(filename);
+ message (msg_tool, (stderr, "Reading pipe: `%s'\n", command));
+ file_out = popen (command, "r");
+
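Review bot: In the second inner hunk, `filename = shell_escape(filename);` overwrites the function's parameter with the heap copy and `free(filename)` releases it right after the `sprintf`, so any later use of `filename` in the part of the function outside this hunk would read freed memory; the assignment also stores a `char *` into what the existing `(const char *) filename` cast and `ustrlen` call suggest is a `const uchar *`. Keeping the escaped copy in its own local, `char *escaped = shell_escape((const char *) filename);`, sizing and formatting `command` from `escaped`, and finishing with `free(escaped);` avoids both problems. Single-quoting neutralises shell metacharacters, but a name beginning with `-` is still passed to the configured `file_command` as an option, so it is worth checking whether that command accepts `--` before the operand. A short comment above the `ALLOCA` stating what the constant 4 covers (space, two quotes, terminating NUL) would make the buffer sizing easier to audit.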