On Fri, 7 Apr 2006 01:50:46 -0600
Peter Valchev <[EMAIL PROTECTED]> wrote:

> Actually there are way more issues in it ... a small list that
> linux people have fixed:
> http://rpmfind.net/linux/RPM/suse/updates/10.0-OSS/i386/rpm/i586/zoo-2.10-858.4.i586.html
> 
> Patches for those follow; however this thing is a pile of poo
> altogether.  There are likely many other issues (just look at the
> amount of remaining strcat/strcpy which come from user input).
> Someone should fix them all but I feel like I've already wasted
> enough time looking at this pile of poo.  Anyway, someone
> should double check these don't break anything at least.

seems ok on i386.

Rui Reis

 
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/archivers/zoo/Makefile,v
> retrieving revision 1.17
> diff -u -p -r1.17 Makefile
> --- Makefile  21 Nov 2004 12:50:33 -0000      1.17
> +++ Makefile  7 Apr 2006 07:41:16 -0000
> @@ -3,7 +3,7 @@
>  COMMENT=     "handle the old .ZOO archive format"
>  
>  DISTNAME=    zoo-2.10pl1
> -PKGNAME=     zoo-2.10.1
> +PKGNAME=     zoo-2.10.1p0
>  CATEGORIES=  archivers
>  MASTER_SITES=        ftp://ftp.kiarchive.ru/pub/unix/arcers/
>  
> Index: patches/patch-misc_c
> ===================================================================
> RCS file: patches/patch-misc_c
> diff -N patches/patch-misc_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-misc_c      7 Apr 2006 07:41:16 -0000
> @@ -0,0 +1,21 @@
> +$OpenBSD$
> +--- misc.c.orig      Tue Jul 16 09:52:54 1991
> ++++ misc.c   Fri Apr  7 01:36:17 2006
> +@@ -135,11 +135,16 @@ if available, else the short filename is
> + char *fullpath (direntry)
> + struct direntry *direntry;
> + {
> +-    static char result[PATHSIZE];
> ++    static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/
> +     combine (result,
> +                             direntry->dirlen != 0 ? direntry->dirname : "", 
> +                             (direntry->namlen != 0) ? direntry->lfname : 
> direntry->fname
> +                       );
> ++
> ++       if (strlen (result) >= PATHSIZE) {
> ++               prterror ('f', "Combined dirname and filename too long!\n");
> ++       }
> ++
> +     return (result);
> + }
> + 
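Review bot: The length check in fullpath() runs only after combine() has already written into result, so protection against overflow rests entirely on the enlarged buffer, and the `+12` slack is not explained. Nothing in the hunk shows that dirname plus lfname/fname is bounded by PATHSIZE+LFNAMESIZE+12, so that bound should be stated or enforced before the call. Once confirmed, I would replace the "Room for enough space" comment with something like `/* dirname < PATHSIZE, name < LFNAMESIZE (checked when the entry is read); +12 covers separator and NUL */`. It is also worth confirming that prterror('f', ...) does not return, since otherwise the over-long result is still handed back to callers that expect at most PATHSIZE bytes.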
> Index: patches/patch-parse_c
> ===================================================================
> RCS file: patches/patch-parse_c
> diff -N patches/patch-parse_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-parse_c     7 Apr 2006 07:41:16 -0000
> @@ -0,0 +1,12 @@
> +$OpenBSD$
> +--- parse.c.orig     Tue Jul 16 09:54:43 1991
> ++++ parse.c  Fri Apr  7 01:37:24 2006
> +@@ -39,7 +39,7 @@ char *fname;
> +    char *namep;                   /* points to relevant part of tempname */
> + 
> +    char *p;
> +-   strcpy (tempname, fname);
> ++   strlcpy(tempname, fname, LFNAMESIZE);
> + 
> + #ifdef DEBUG
> + printf ("parse:  supplied name is [%s].\n", tempname);
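Review bot: The strlcpy() return value is ignored, so an over-long fname is silently truncated and the rest of parse() works on a different name than the one supplied. The bound is also the constant LFNAMESIZE rather than the destination's own size; tempname's declaration is outside the hunk, so whether the two match cannot be checked here. If tempname is an array, I would write `if (strlcpy(tempname, fname, sizeof(tempname)) >= sizeof(tempname))` and report the name as too long instead of continuing.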
> Index: patches/patch-portable_c
> ===================================================================
> RCS file: patches/patch-portable_c
> diff -N patches/patch-portable_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-portable_c  7 Apr 2006 07:41:16 -0000
> @@ -0,0 +1,35 @@
> +$OpenBSD$
> +--- portable.c.orig  Tue Jul 16 09:55:11 1991
> ++++ portable.c       Fri Apr  7 01:35:28 2006
> +@@ -364,6 +364,31 @@ ZOOFILE zoo_file;
> +       show_dir(direntry);
> +    }
> + #endif
> ++   char *p;
> ++   /* take off '../'   */
> ++   while ((p = strstr( direntry->dirname, "../" )) != NULL) {
> ++      while (*(p+3) != '\0') {
> ++        *p = *(p + 3);
> ++        p++;
> ++      }
> ++      *p = *(p+3); /* move last null */
> ++      //printf("zoo: skipped \"../\" path component in '%s'\n", 
> direntry->dirname);
> ++   }
> ++   /* take off  '/'  */
> ++   if ( direntry->dirname[0] == '/' ) {
> ++      p = direntry->dirname;
> ++      while (*p != '\0') {
> ++        *p = *(p + 1);
> ++        p++;
> ++      }
> ++      *p = *(p+1); /* move last null */
> ++      //printf("zoo: skipped \"/\" path component in '%s'\n", 
> direntry->dirname);
> ++   }
> ++   /* take off '..'   */
> ++   if(!strcmp(direntry->dirname, ".."))
> ++      direntry->dirname[0] = '\0';
> ++   /* direntry->dirlen = strlen(direntry->dirname); */
> ++
> +    return (0);
> + }
> + 
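Review bot: The leading-slash block reads one byte past the string terminator and strips only a single slash. Its loop stops with p on the old NUL, so `*p = *(p+1); /* move last null */` copies whatever follows the terminator, and because the test is an `if`, a dirname with repeated leading slashes is still absolute afterwards. I would replace the block with `while (direntry->dirname[0] == '/') memmove(direntry->dirname, direntry->dirname + 1, strlen(direntry->dirname));`, which moves the NUL along with the text. The dirlen update is left commented out, so dirlen no longer matches the shortened dirname and any code that trusts it should be checked. The enclosing function starts outside the hunk, and only dirname is cleaned here, so whether the file-name fields get the same treatment is not visible.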
