summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Holzer <mholzer@gentoo.org>2003-12-08 02:06:06 +0000
committerMartin Holzer <mholzer@gentoo.org>2003-12-08 02:06:06 +0000
commit67d89c151d9ffd2ee959194451e3d9cd0b1167c4 (patch)
treed56c493385180f4a0154e416f83424ca0d51eb30 /net-misc/whois
parentcorrecting security patch. (diff)
downloadgentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.tar.gz
gentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.tar.bz2
gentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.zip
correcting security patch.
Diffstat (limited to 'net-misc/whois')
-rw-r--r--net-misc/whois/ChangeLog7
-rw-r--r--net-misc/whois/Manifest2
-rw-r--r--net-misc/whois/files/whois-4.6.9-gentoo-security.patch43
3 files changed, 30 insertions, 22 deletions
diff --git a/net-misc/whois/ChangeLog b/net-misc/whois/ChangeLog
index 2350d83a895b..8a9b4ec153a7 100644
--- a/net-misc/whois/ChangeLog
+++ b/net-misc/whois/ChangeLog
@@ -1,6 +1,11 @@
# ChangeLog for net-misc/whois
# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/whois/ChangeLog,v 1.29 2003/12/07 15:59:45 mholzer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/whois/ChangeLog,v 1.30 2003/12/08 02:05:56 mholzer Exp $
+
+ 08 Dec 2003; Martin Holzer <mholzer@gentoo.org>
+ files/whois-4.6.9-gentoo-security.patch:
+ correcting security patch. submitted by Marcin Krycze <crytcheck@napisy.org>
+ in #34768.
*whois-4.6.9 (07 Dec 2003)
diff --git a/net-misc/whois/Manifest b/net-misc/whois/Manifest
index b16406dbd250..029089d5d9ab 100644
--- a/net-misc/whois/Manifest
+++ b/net-misc/whois/Manifest
@@ -1,4 +1,4 @@
-MD5 3f56f8e71175063778e190a2c38c6c6a ChangeLog 4905
+MD5 a346babfd03c59352944fa6c7c8dd139 ChangeLog 5091
MD5 14f61101e310b129373e01ad2fb759a6 whois-4.6.6-r2.ebuild 1183
MD5 f8d8256a2d3b981b584c199e30eea1c9 whois-4.6.8.ebuild 1202
MD5 143158b3525cc58236d7a7d7ec859b3b whois-4.6.9.ebuild 1206
diff --git a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
index 5f92105cf501..83de5bfd0501 100644
--- a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
+++ b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
@@ -1,6 +1,7 @@
---- whois.c.orig 2003-09-10 01:21:52.000000000 +0200
-+++ whois.c 2003-11-23 01:51:20.000000000 +0100
-@@ -73,7 +73,7 @@
+diff -Naur whois-4.6.9/whois.c whois/whois.c
+--- whois-4.6.9/whois.c 2003-12-01 19:15:18.000000000 +0100
++++ whois/whois.c 2003-12-08 01:24:06.000000000 +0100
+@@ -76,7 +76,7 @@
/* RIPE flags */
if (strchr(ripeflags, ch)) {
for (p = fstring; *p; p++);
@@ -9,7 +10,7 @@
continue;
}
if (strchr(ripeflagsp, ch)) {
-@@ -86,7 +86,7 @@
+@@ -89,7 +89,7 @@
/* program flags */
switch (ch) {
case 'h':
@@ -18,7 +19,7 @@
for (p = optarg; *p && *p != ':'; *q++ = tolower(*p++));
if (*p == ':')
port = p + 1;
-@@ -122,7 +122,7 @@
+@@ -125,7 +125,7 @@
usage();
/* On some systems realloc only works on non-NULL buffers */
@@ -27,7 +28,7 @@
*qstring = '\0';
/* parse other parameters, if any */
-@@ -131,11 +131,11 @@
+@@ -134,11 +134,11 @@
while (1) {
qslen += strlen(*argv) + 1 + 1;
@@ -42,22 +43,23 @@
argc--;
}
}
-@@ -401,10 +401,12 @@
+@@ -423,10 +423,12 @@
{
char *buf;
int i, isripe = 0;
-+ int buflen = 0;
-
+-
++ /* buflen was always 0 in original patch and buf was allocated
++ twice /Aye */
/* +2 for \r\n; +1 for NULL */
- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4
- + 2 + 1);
-+ buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1);
++ int buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1;
+ buf = xmalloc(buflen);
+
*buf = '\0';
for (i = 0; ripe_servers[i]; i++)
if (strcmp(server, ripe_servers[i]) == 0) {
-@@ -426,21 +428,21 @@
+@@ -448,21 +450,21 @@
if (*flags) {
if (!isripe && strcmp(server, "whois.corenic.net") != 0)
puts(_("Warning: RIPE flags used with a traditional server."));
@@ -84,7 +86,7 @@
return buf;
}
-@@ -483,7 +485,7 @@
+@@ -505,7 +507,7 @@
if (verb)
printf(_("Detected referral to %s on %s.\n"), nq, nh);
@@ -93,7 +95,7 @@
fd = openconn(nh, np);
do_query(fd, nq);
continue;
-@@ -509,7 +511,7 @@
+@@ -531,7 +533,7 @@
FILE *fi;
int state = 0;
@@ -102,7 +104,7 @@
*temp = '=';
strcpy(temp + 1, query);
strcat(temp, "\r\n");
-@@ -527,7 +529,7 @@
+@@ -549,7 +551,7 @@
for (p = buf; *p != ':'; p++); /* skip until colon */
for (p++; *p == ' '; p++); /* skip colon and spaces */
@@ -111,7 +113,7 @@
for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++)
; /*copy data*/
*q = '\0';
-@@ -572,7 +574,7 @@
+@@ -594,7 +596,7 @@
for (p = buf; *p != ':'; p++); /* skip until colon */
for (p++; *p != ':'; p++); /* skip until 2nd colon */
for (p++; *p == ' '; p++); /* skip colon and spaces */
@@ -120,7 +122,7 @@
for (q = ret; *p != '\n' && *p != '\r'; *q++ = *p++); /*copy data*/
*q = '\0';
state = 2;
-@@ -726,6 +728,24 @@
+@@ -768,6 +770,24 @@
exit(0);
}
@@ -145,11 +147,12 @@
/* Error routines */
void err_sys(const char *fmt, ...)
---- whois.h.orig 2003-11-23 01:58:01.000000000 +0100
-+++ whois.h 2003-11-23 01:58:52.000000000 +0100
-@@ -23,6 +23,8 @@
- int domfind(const char *, const char *[]);
+diff -Naur whois-4.6.9/whois.h whois/whois.h
+--- whois-4.6.9/whois.h 2003-12-01 18:21:59.000000000 +0100
++++ whois/whois.h 2003-12-08 01:06:28.000000000 +0100
+@@ -24,6 +24,8 @@
char *normalize_domain(const char *);
+ char *convert_6to4(const char *);
+void *xmalloc(size_t);
+void *xrealloc(void *, size_t);