aboutsummaryrefslogtreecommitdiffstats
path: root/devel
diff options
context:
space:
mode:
authornectar <nectar@FreeBSD.org>2004-05-01 00:04:38 +0800
committernectar <nectar@FreeBSD.org>2004-05-01 00:04:38 +0800
commit3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7 (patch)
tree75a254367f84317089f48022a502837bc0489128 /devel
parentd4f0ebdc034a3fe040b1ffc8503664681ffa6b17 (diff)
downloadfreebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.tar.gz
freebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.tar.zst
freebsd-ports-graphics-3edbb59c1a20ac9d86f08cbcaf7dbdafe1c9e2f7.zip
Patch remotely exploitable libneon bugs after maintainer timeout.
PR: ports/65754 Submitted by: Frank Ruell <stoerte@dreamwarrior.net>
Diffstat (limited to 'devel')
-rw-r--r--devel/tla/Makefile3
-rw-r--r--devel/tla/files/patch-libneon-ne_207.c17
-rw-r--r--devel/tla/files/patch-libneon-ne_auth.c11
-rw-r--r--devel/tla/files/patch-libneon-ne_locks.c20
-rw-r--r--devel/tla/files/patch-libneon-ne_props.c11
-rw-r--r--devel/tla/files/patch-libneon-ne_xml.c11
6 files changed, 72 insertions, 1 deletions
diff --git a/devel/tla/Makefile b/devel/tla/Makefile
index 49111521aac..5ec55ca2ede 100644
--- a/devel/tla/Makefile
+++ b/devel/tla/Makefile
@@ -7,6 +7,7 @@
PORTNAME= tla
PORTVERSION= 1.2
+PORTREVISION= 1
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_GNU} \
http://regexps.srparish.net/src/${PORTNAME}/ \
@@ -26,7 +27,7 @@ USE_GMAKE= yes
ORIGWRKSRC= ${WRKDIR}/${DISTNAME}/src
WRKSRC= ${ORIGWRKSRC}/=build
-pre-configure:
+pre-patch:
${MKDIR} ${WRKSRC}
do-configure:
diff --git a/devel/tla/files/patch-libneon-ne_207.c b/devel/tla/files/patch-libneon-ne_207.c
new file mode 100644
index 00000000000..961ae0fe329
--- /dev/null
+++ b/devel/tla/files/patch-libneon-ne_207.c
@@ -0,0 +1,17 @@
+--- ../tla/libneon.orig/ne_207.c Sat Dec 6 20:35:28 2003
++++ ../tla/libneon/ne_207.c Sat Apr 17 20:25:46 2004
+@@ -320,12 +320,12 @@
+ if (ne_get_status(req)->code == 207) {
+ if (!ne_xml_valid(p)) {
+ /* The parse was invalid */
+- ne_set_error(sess, ne_xml_get_error(p));
++ ne_set_error(sess, "%s", ne_xml_get_error(p));
+ ret = NE_ERROR;
+ } else if (ctx.is_error) {
+ /* If we've actually got any error information
+ * from the 207, then set that as the error */
+- ne_set_error(sess, ctx.buf->data);
++ ne_set_error(sess, "%s", ctx.buf->data);
+ ret = NE_ERROR;
+ }
+ } else if (ne_get_status(req)->klass != 2) {
diff --git a/devel/tla/files/patch-libneon-ne_auth.c b/devel/tla/files/patch-libneon-ne_auth.c
new file mode 100644
index 00000000000..1b4f7da0660
--- /dev/null
+++ b/devel/tla/files/patch-libneon-ne_auth.c
@@ -0,0 +1,11 @@
+--- ../tla/libneon.orig/ne_auth.c Sat Dec 6 20:35:28 2003
++++ ../tla/libneon/ne_auth.c Sat Apr 17 20:11:55 2004
+@@ -950,7 +950,7 @@
+ if (areq->auth_info_hdr != NULL &&
+ verify_response(areq, sess, areq->auth_info_hdr)) {
+ NE_DEBUG(NE_DBG_HTTPAUTH, "Response authentication invalid.\n");
+- ne_set_error(sess->sess, _(sess->spec->fail_msg));
++ ne_set_error(sess->sess, "%s", _(sess->spec->fail_msg));
+ ret = NE_ERROR;
+ } else if (status->code == sess->spec->status_code &&
+ areq->auth_hdr != NULL) {
diff --git a/devel/tla/files/patch-libneon-ne_locks.c b/devel/tla/files/patch-libneon-ne_locks.c
new file mode 100644
index 00000000000..26784fe4790
--- /dev/null
+++ b/devel/tla/files/patch-libneon-ne_locks.c
@@ -0,0 +1,20 @@
+--- ../tla/libneon.orig/ne_locks.c Sat Dec 6 20:35:28 2003
++++ ../tla/libneon/ne_locks.c Sat Apr 17 20:11:55 2004
+@@ -734,7 +734,7 @@
+ }
+ else if (parse_failed) {
+ ret = NE_ERROR;
+- ne_set_error(sess, ne_xml_get_error(parser));
++ ne_set_error(sess, "%s", ne_xml_get_error(parser));
+ }
+ else if (ne_get_status(req)->code == 207) {
+ ret = NE_ERROR;
+@@ -802,7 +802,7 @@
+ if (ret == NE_OK && ne_get_status(req)->klass == 2) {
+ if (parse_failed) {
+ ret = NE_ERROR;
+- ne_set_error(sess, ne_xml_get_error(parser));
++ ne_set_error(sess, "%s", ne_xml_get_error(parser));
+ }
+ else if (ne_get_status(req)->code == 207) {
+ ret = NE_ERROR;
diff --git a/devel/tla/files/patch-libneon-ne_props.c b/devel/tla/files/patch-libneon-ne_props.c
new file mode 100644
index 00000000000..c307849658f
--- /dev/null
+++ b/devel/tla/files/patch-libneon-ne_props.c
@@ -0,0 +1,11 @@
+--- ../tla/libneon.orig/ne_props.c Sat Dec 6 20:35:28 2003
++++ ../tla/libneon/ne_props.c Sat Apr 17 20:11:55 2004
+@@ -142,7 +142,7 @@
+ if (ret == NE_OK && ne_get_status(req)->klass != 2) {
+ ret = NE_ERROR;
+ } else if (!ne_xml_valid(handler->parser)) {
+- ne_set_error(handler->sess, ne_xml_get_error(handler->parser));
++ ne_set_error(handler->sess, "%s", ne_xml_get_error(handler->parser));
+ ret = NE_ERROR;
+ }
+
diff --git a/devel/tla/files/patch-libneon-ne_xml.c b/devel/tla/files/patch-libneon-ne_xml.c
new file mode 100644
index 00000000000..240cba1b1ce
--- /dev/null
+++ b/devel/tla/files/patch-libneon-ne_xml.c
@@ -0,0 +1,11 @@
+--- ../tla/libneon.orig/ne_xml.c Sat Dec 6 20:35:29 2003
++++ ../tla/libneon/ne_xml.c Sat Apr 17 20:11:55 2004
+@@ -538,7 +538,7 @@
+
+ void ne_xml_set_error(ne_xml_parser *p, const char *msg)
+ {
+- ne_snprintf(p->error, ERR_SIZE, msg);
++ ne_snprintf(p->error, ERR_SIZE, "%s", msg);
+ }
+
+ #ifdef HAVE_LIBXML