diff options
author | nectar <nectar@FreeBSD.org> | 2004-05-01 00:04:38 +0800 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2004-05-01 00:04:38 +0800 |
commit | 3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7 (patch) | |
tree | 75a254367f84317089f48022a502837bc0489128 /devel | |
parent | d4f0ebdc034a3fe040b1ffc8503664681ffa6b17 (diff) | |
download | freebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.tar.gz freebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.tar.zst freebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.zip |
Patch remotely exploitable libneon bugs after maintainer timeout.
PR: ports/65754
Submitted by: Frank Ruell <stoerte@dreamwarrior.net>
Diffstat (limited to 'devel')
-rw-r--r-- | devel/tla/Makefile | 3 | ||||
-rw-r--r-- | devel/tla/files/patch-libneon-ne_207.c | 17 | ||||
-rw-r--r-- | devel/tla/files/patch-libneon-ne_auth.c | 11 | ||||
-rw-r--r-- | devel/tla/files/patch-libneon-ne_locks.c | 20 | ||||
-rw-r--r-- | devel/tla/files/patch-libneon-ne_props.c | 11 | ||||
-rw-r--r-- | devel/tla/files/patch-libneon-ne_xml.c | 11 |
6 files changed, 72 insertions, 1 deletions
diff --git a/devel/tla/Makefile b/devel/tla/Makefile index 49111521aac..5ec55ca2ede 100644 --- a/devel/tla/Makefile +++ b/devel/tla/Makefile @@ -7,6 +7,7 @@ PORTNAME= tla PORTVERSION= 1.2 +PORTREVISION= 1 CATEGORIES= devel MASTER_SITES= ${MASTER_SITE_GNU} \ http://regexps.srparish.net/src/${PORTNAME}/ \ @@ -26,7 +27,7 @@ USE_GMAKE= yes ORIGWRKSRC= ${WRKDIR}/${DISTNAME}/src WRKSRC= ${ORIGWRKSRC}/=build -pre-configure: +pre-patch: ${MKDIR} ${WRKSRC} do-configure: diff --git a/devel/tla/files/patch-libneon-ne_207.c b/devel/tla/files/patch-libneon-ne_207.c new file mode 100644 index 00000000000..961ae0fe329 --- /dev/null +++ b/devel/tla/files/patch-libneon-ne_207.c @@ -0,0 +1,17 @@ +--- ../tla/libneon.orig/ne_207.c Sat Dec 6 20:35:28 2003 ++++ ../tla/libneon/ne_207.c Sat Apr 17 20:25:46 2004 +@@ -320,12 +320,12 @@ + if (ne_get_status(req)->code == 207) { + if (!ne_xml_valid(p)) { + /* The parse was invalid */ +- ne_set_error(sess, ne_xml_get_error(p)); ++ ne_set_error(sess, "%s", ne_xml_get_error(p)); + ret = NE_ERROR; + } else if (ctx.is_error) { + /* If we've actually got any error information + * from the 207, then set that as the error */ +- ne_set_error(sess, ctx.buf->data); ++ ne_set_error(sess, "%s", ctx.buf->data); + ret = NE_ERROR; + } + } else if (ne_get_status(req)->klass != 2) { diff --git a/devel/tla/files/patch-libneon-ne_auth.c b/devel/tla/files/patch-libneon-ne_auth.c new file mode 100644 index 00000000000..1b4f7da0660 --- /dev/null +++ b/devel/tla/files/patch-libneon-ne_auth.c @@ -0,0 +1,11 @@ +--- ../tla/libneon.orig/ne_auth.c Sat Dec 6 20:35:28 2003 ++++ ../tla/libneon/ne_auth.c Sat Apr 17 20:11:55 2004 +@@ -950,7 +950,7 @@ + if (areq->auth_info_hdr != NULL && + verify_response(areq, sess, areq->auth_info_hdr)) { + NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n"); +- ne_set_error(sess->sess, _(sess->spec->fail_msg)); ++ ne_set_error(sess->sess, "%s", _(sess->spec->fail_msg)); + ret = NE_ERROR; + } else if (status->code == sess->spec->status_code && + areq->auth_hdr != NULL) { diff --git a/devel/tla/files/patch-libneon-ne_locks.c b/devel/tla/files/patch-libneon-ne_locks.c new file mode 100644 index 00000000000..26784fe4790 --- /dev/null +++ b/devel/tla/files/patch-libneon-ne_locks.c @@ -0,0 +1,20 @@ +--- ../tla/libneon.orig/ne_locks.c Sat Dec 6 20:35:28 2003 ++++ ../tla/libneon/ne_locks.c Sat Apr 17 20:11:55 2004 +@@ -734,7 +734,7 @@ + } + else if (parse_failed) { + ret = NE_ERROR; +- ne_set_error(sess, ne_xml_get_error(parser)); ++ ne_set_error(sess, "%s", ne_xml_get_error(parser)); + } + else if (ne_get_status(req)->code == 207) { + ret = NE_ERROR; +@@ -802,7 +802,7 @@ + if (ret == NE_OK && ne_get_status(req)->klass == 2) { + if (parse_failed) { + ret = NE_ERROR; +- ne_set_error(sess, ne_xml_get_error(parser)); ++ ne_set_error(sess, "%s", ne_xml_get_error(parser)); + } + else if (ne_get_status(req)->code == 207) { + ret = NE_ERROR; diff --git a/devel/tla/files/patch-libneon-ne_props.c b/devel/tla/files/patch-libneon-ne_props.c new file mode 100644 index 00000000000..c307849658f --- /dev/null +++ b/devel/tla/files/patch-libneon-ne_props.c @@ -0,0 +1,11 @@ +--- ../tla/libneon.orig/ne_props.c Sat Dec 6 20:35:28 2003 ++++ ../tla/libneon/ne_props.c Sat Apr 17 20:11:55 2004 +@@ -142,7 +142,7 @@ + if (ret == NE_OK && ne_get_status(req)->klass != 2) { + ret = NE_ERROR; + } else if (!ne_xml_valid(handler->parser)) { +- ne_set_error(handler->sess, ne_xml_get_error(handler->parser)); ++ ne_set_error(handler->sess, "%s", ne_xml_get_error(handler->parser)); + ret = NE_ERROR; + } + diff --git a/devel/tla/files/patch-libneon-ne_xml.c b/devel/tla/files/patch-libneon-ne_xml.c new file mode 100644 index 00000000000..240cba1b1ce --- /dev/null +++ b/devel/tla/files/patch-libneon-ne_xml.c @@ -0,0 +1,11 @@ +--- ../tla/libneon.orig/ne_xml.c Sat Dec 6 20:35:29 2003 ++++ ../tla/libneon/ne_xml.c Sat Apr 17 20:11:55 2004 +@@ -538,7 +538,7 @@ + + void ne_xml_set_error(ne_xml_parser *p, const char *msg) + { +- ne_snprintf(p->error, ERR_SIZE, msg); ++ ne_snprintf(p->error, ERR_SIZE, "%s", msg); + } + + #ifdef HAVE_LIBXML |