diff options
author | thierry <thierry@FreeBSD.org> | 2004-06-20 17:04:32 +0800 |
---|---|---|
committer | thierry <thierry@FreeBSD.org> | 2004-06-20 17:04:32 +0800 |
commit | 1df76520fda16fbe6e032695daada60679722f3e (patch) | |
tree | 39462b16cdde50bbd546260a0fe72429b665ab4e /textproc/aspell | |
parent | 834cb1779e9dd9d1f2a9907e38c0fd7f0514e846 (diff) | |
download | freebsd-ports-gnome-1df76520fda16fbe6e032695daada60679722f3e.tar.gz freebsd-ports-gnome-1df76520fda16fbe6e032695daada60679722f3e.tar.zst freebsd-ports-gnome-1df76520fda16fbe6e032695daada60679722f3e.zip |
Security: fix a buffer overflow in word-list-compress:
- <http://marc.theaimsgroup.com/?l=bugtraq&m=108761564006503&w=2>
- <http://nettwerked.mg2.org/advisories/wlc>
Since I'm there, switch from libtool 1.3 to 1.5, to cope with
PR ports/63944.
Obtained from: Robert Nagy <robert@openbsd.org>.
Diffstat (limited to 'textproc/aspell')
-rw-r--r-- | textproc/aspell/Makefile | 4 | ||||
-rw-r--r-- | textproc/aspell/files/patch-prog-compress.c | 71 |
2 files changed, 73 insertions, 2 deletions
diff --git a/textproc/aspell/Makefile b/textproc/aspell/Makefile index bcb0d1c29502..689ebb096db1 100644 --- a/textproc/aspell/Makefile +++ b/textproc/aspell/Makefile @@ -7,7 +7,7 @@ PORTNAME?= aspell PORTVERSION= 0.50.5 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES+= textproc MASTER_SITES= http://aspell.net/ \ ${MASTER_SITE_GNU} @@ -22,7 +22,7 @@ COMMENT?= Spelling checker with better suggestion logic than ispell BUILD_DEPENDS+= bzip2:${PORTSDIR}/archivers/bzip2 .endif -USE_LIBTOOL_VER=13 +USE_LIBTOOL_VER= 15 CONFIGURE_TARGET= --build=${ARCH}-portbld-freebsd${OSREL} CONFIGURE_ARGS= --enable-dict-dir=${DATADIR} \ --enable-doc-dir=${DOCSDIR} diff --git a/textproc/aspell/files/patch-prog-compress.c b/textproc/aspell/files/patch-prog-compress.c new file mode 100644 index 000000000000..a416a33e8c19 --- /dev/null +++ b/textproc/aspell/files/patch-prog-compress.c @@ -0,0 +1,71 @@ +--- prog/compress.c.orig Sat Aug 31 20:51:11 2002 ++++ prog/compress.c Sat Jun 19 16:10:04 2004 +@@ -28,6 +28,11 @@ + + #endif + ++#define WORD_BUFF_SIZE 256 ++ ++int count = 0; ++ ++ + void usage () + { + fputs("Compresses or uncompresses sorted word lists.\n" , stderr); +@@ -45,8 +50,9 @@ + if (c == EOF) return 0; + do { + *w++ = (char)(c); +- } while (c = getc(in), c != EOF && c > 32); ++ } while (c = getc(in), c != EOF && c > 32 && count < (WORD_BUFF_SIZE - 1)); + *w = '\0'; ++ count++; + ungetc(c, in); + if (c == EOF) return 0; + else return 1; +@@ -61,8 +67,8 @@ + + } else if (argv[1][0] == 'c') { + +- char s1[256]; +- char s2[256]; ++ char s1[WORD_BUFF_SIZE]; ++ char s2[WORD_BUFF_SIZE]; + char * prev = s2; + char * cur = s1; + *prev = '\0'; +@@ -69,6 +75,7 @@ + + SETBIN (stdout); + ++ while (count < WORD_BUFF_SIZE) { + while (get_word(stdin, cur)) { + int i = 0; + /* get the length of the prefix */ +@@ -85,11 +92,12 @@ + prev = s2; cur = s1; + } + } ++ } + return 0; + + } else if (argv[1][0] == 'd') { + +- char cur[256]; ++ char cur[WORD_BUFF_SIZE]; + int i; + int c; + +@@ -100,8 +108,11 @@ + if (i == 0) + i = getc(stdin); + --i; +- while ((c = getc(stdin)) > 32) ++ while ((c = getc(stdin)) > 32 && i < (WORD_BUFF_SIZE -1)) { + cur[i++] = (char)c; ++ count++; ++ } ++ + cur[i] = '\0'; + fputs(cur, stdout); + putc('\n', stdout); |