[Frugalware-darcs] frugalware-current: findutils-4.3.7-1-i686

VMiklos vmiklos at frugalware.org
Mon Jun 11 19:32:11 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-current;a=darcs_commitdiff;h=20070611172914-e2957-0a71e7bfc396e7664c15eb241034a62eba31502a.gz;

[findutils-4.3.7-1-i686
VMiklos <vmiklos at frugalware.org>**20070611172914
 version bump
] {
hunk ./source/base/findutils/CVE-2007-2452.diff 1
---- a/locate/locate.c	2007/04/22 16:57:42	1.58.2.2
-+++ b/locate/locate.c	2007/05/30 20:45:37	1.58.2.3
-@@ -124,9 +124,9 @@
- 
- #include "locatedb.h"
- #include <getline.h>
--#include "../gnulib/lib/xalloc.h"
--#include "../gnulib/lib/error.h"
--#include "../gnulib/lib/human.h"
-+#include "xalloc.h"
-+#include "error.h"
-+#include "human.h"
- #include "dirname.h"
- #include "closeout.h"
- #include "nextelem.h"
-@@ -468,10 +468,36 @@
-   return VISIT_CONTINUE;
- }
- 
-+static void
-+toolong (struct process_data *procdata)
-+{
-+  error (1, 0,
-+	 _("locate database %s contains a "
-+	   "filename longer than locate can handle"),
-+	 procdata->dbfile);
-+}
-+
-+static void
-+extend (struct process_data *procdata, size_t siz1, size_t siz2)
-+{
-+  /* Figure out if the addition operation is safe before performing it. */
-+  if (SIZE_MAX - siz1 < siz2)
-+    {
-+      toolong (procdata);
-+    }
-+  else if (procdata->pathsize < (siz1+siz2))
-+    {
-+      procdata->pathsize = siz1+siz2;
-+      procdata->original_filename = x2nrealloc (procdata->original_filename,
-+						&procdata->pathsize,
-+						1);
-+    }
-+}
-+
- static int
- visit_old_format(struct process_data *procdata, void *context)
- {
--  register char *s;
-+  register size_t i;
-   (void) context;
- 
-   /* Get the offset in the path where this path info starts.  */
-@@ -479,20 +505,35 @@
-     procdata->count += getw (procdata->fp) - LOCATEDB_OLD_OFFSET;
-   else
-     procdata->count += procdata->c - LOCATEDB_OLD_OFFSET;
-+  assert(procdata->count > 0);
- 
--  /* Overlay the old path with the remainder of the new.  */
--  for (s = procdata->original_filename + procdata->count;
-+  /* Overlay the old path with the remainder of the new.  Read 
-+   * more data until we get to the next filename.
-+   */
-+  for (i=procdata->count;
-        (procdata->c = getc (procdata->fp)) > LOCATEDB_OLD_ESCAPE;)
--    if (procdata->c < 0200)
--      *s++ = procdata->c;		/* An ordinary character.  */
--    else
--      {
--	/* Bigram markers have the high bit set. */
--	procdata->c &= 0177;
--	*s++ = procdata->bigram1[procdata->c];
--	*s++ = procdata->bigram2[procdata->c];
--      }
--  *s-- = '\0';
-+    {
-+      if (procdata->c < 0200)
-+	{
-+	  /* An ordinary character. */	  
-+	  extend (procdata, i, 1u);
-+	  procdata->original_filename[i++] = procdata->c;
-+	}
-+      else
-+	{
-+	  /* Bigram markers have the high bit set. */
-+	  extend (procdata, i, 2u);
-+	  procdata->c &= 0177;
-+	  procdata->original_filename[i++] = procdata->bigram1[procdata->c];
-+	  procdata->original_filename[i++] = procdata->bigram2[procdata->c];
-+	}
-+    }
-+
-+  /* Consider the case where we executed the loop body zero times; we
-+   * still need space for the terminating null byte. 
-+   */
-+  extend (procdata, i, 1u);
-+  procdata->original_filename[i] = 0;
- 
-   procdata->munged_filename = procdata->original_filename;
-   
rmfile ./source/base/findutils/CVE-2007-2452.diff
hunk ./source/base/findutils/FrugalBuild 5
-pkgver=4.3.6
-pkgrel=2
+pkgver=4.3.7
+pkgrel=1
hunk ./source/base/findutils/FrugalBuild 13
-source=(ftp://alpha.gnu.org/pub/gnu/findutils/$pkgname-$pkgver.tar.gz CVE-2007-2452.diff)
-signatures=($source.sig '')
+source=(ftp://alpha.gnu.org/pub/gnu/findutils/$pkgname-$pkgver.tar.gz)
+signatures=($source.sig)
}


More information about the Frugalware-darcs mailing list