diff options
author | Martin Holzer <mholzer@gentoo.org> | 2003-12-08 02:06:06 +0000 |
---|---|---|
committer | Martin Holzer <mholzer@gentoo.org> | 2003-12-08 02:06:06 +0000 |
commit | 67d89c151d9ffd2ee959194451e3d9cd0b1167c4 (patch) | |
tree | d56c493385180f4a0154e416f83424ca0d51eb30 /net-misc/whois | |
parent | correcting security patch. (diff) | |
download | gentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.tar.gz gentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.tar.bz2 gentoo-2-67d89c151d9ffd2ee959194451e3d9cd0b1167c4.zip |
correcting security patch.
Diffstat (limited to 'net-misc/whois')
-rw-r--r-- | net-misc/whois/ChangeLog | 7 | ||||
-rw-r--r-- | net-misc/whois/Manifest | 2 | ||||
-rw-r--r-- | net-misc/whois/files/whois-4.6.9-gentoo-security.patch | 43 |
3 files changed, 30 insertions, 22 deletions
diff --git a/net-misc/whois/ChangeLog b/net-misc/whois/ChangeLog index 2350d83a895b..8a9b4ec153a7 100644 --- a/net-misc/whois/ChangeLog +++ b/net-misc/whois/ChangeLog @@ -1,6 +1,11 @@ # ChangeLog for net-misc/whois # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-misc/whois/ChangeLog,v 1.29 2003/12/07 15:59:45 mholzer Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-misc/whois/ChangeLog,v 1.30 2003/12/08 02:05:56 mholzer Exp $ + + 08 Dec 2003; Martin Holzer <mholzer@gentoo.org> + files/whois-4.6.9-gentoo-security.patch: + correcting security patch. submitted by Marcin Krycze <crytcheck@napisy.org> + in #34768. *whois-4.6.9 (07 Dec 2003) diff --git a/net-misc/whois/Manifest b/net-misc/whois/Manifest index b16406dbd250..029089d5d9ab 100644 --- a/net-misc/whois/Manifest +++ b/net-misc/whois/Manifest @@ -1,4 +1,4 @@ -MD5 3f56f8e71175063778e190a2c38c6c6a ChangeLog 4905 +MD5 a346babfd03c59352944fa6c7c8dd139 ChangeLog 5091 MD5 14f61101e310b129373e01ad2fb759a6 whois-4.6.6-r2.ebuild 1183 MD5 f8d8256a2d3b981b584c199e30eea1c9 whois-4.6.8.ebuild 1202 MD5 143158b3525cc58236d7a7d7ec859b3b whois-4.6.9.ebuild 1206 diff --git a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch index 5f92105cf501..83de5bfd0501 100644 --- a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch +++ b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch @@ -1,6 +1,7 @@ ---- whois.c.orig 2003-09-10 01:21:52.000000000 +0200 -+++ whois.c 2003-11-23 01:51:20.000000000 +0100 -@@ -73,7 +73,7 @@ +diff -Naur whois-4.6.9/whois.c whois/whois.c +--- whois-4.6.9/whois.c 2003-12-01 19:15:18.000000000 +0100 ++++ whois/whois.c 2003-12-08 01:24:06.000000000 +0100 +@@ -76,7 +76,7 @@ /* RIPE flags */ if (strchr(ripeflags, ch)) { for (p = fstring; *p; p++); @@ -9,7 +10,7 @@ continue; } if (strchr(ripeflagsp, ch)) { -@@ -86,7 +86,7 @@ +@@ -89,7 +89,7 @@ /* program flags */ switch (ch) { case 'h': @@ -18,7 +19,7 @@ for (p = optarg; *p && *p != ':'; *q++ = tolower(*p++)); if (*p == ':') port = p + 1; -@@ -122,7 +122,7 @@ +@@ -125,7 +125,7 @@ usage(); /* On some systems realloc only works on non-NULL buffers */ @@ -27,7 +28,7 @@ *qstring = '\0'; /* parse other parameters, if any */ -@@ -131,11 +131,11 @@ +@@ -134,11 +134,11 @@ while (1) { qslen += strlen(*argv) + 1 + 1; @@ -42,22 +43,23 @@ argc--; } } -@@ -401,10 +401,12 @@ +@@ -423,10 +423,12 @@ { char *buf; int i, isripe = 0; -+ int buflen = 0; - +- ++ /* buflen was always 0 in original patch and buf was allocated ++ twice /Aye */ /* +2 for \r\n; +1 for NULL */ - buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4 - + 2 + 1); -+ buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1); ++ int buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1; + buf = xmalloc(buflen); + *buf = '\0'; for (i = 0; ripe_servers[i]; i++) if (strcmp(server, ripe_servers[i]) == 0) { -@@ -426,21 +428,21 @@ +@@ -448,21 +450,21 @@ if (*flags) { if (!isripe && strcmp(server, "whois.corenic.net") != 0) puts(_("Warning: RIPE flags used with a traditional server.")); @@ -84,7 +86,7 @@ return buf; } -@@ -483,7 +485,7 @@ +@@ -505,7 +507,7 @@ if (verb) printf(_("Detected referral to %s on %s.\n"), nq, nh); @@ -93,7 +95,7 @@ fd = openconn(nh, np); do_query(fd, nq); continue; -@@ -509,7 +511,7 @@ +@@ -531,7 +533,7 @@ FILE *fi; int state = 0; @@ -102,7 +104,7 @@ *temp = '='; strcpy(temp + 1, query); strcat(temp, "\r\n"); -@@ -527,7 +529,7 @@ +@@ -549,7 +551,7 @@ for (p = buf; *p != ':'; p++); /* skip until colon */ for (p++; *p == ' '; p++); /* skip colon and spaces */ @@ -111,7 +113,7 @@ for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++) ; /*copy data*/ *q = '\0'; -@@ -572,7 +574,7 @@ +@@ -594,7 +596,7 @@ for (p = buf; *p != ':'; p++); /* skip until colon */ for (p++; *p != ':'; p++); /* skip until 2nd colon */ for (p++; *p == ' '; p++); /* skip colon and spaces */ @@ -120,7 +122,7 @@ for (q = ret; *p != '\n' && *p != '\r'; *q++ = *p++); /*copy data*/ *q = '\0'; state = 2; -@@ -726,6 +728,24 @@ +@@ -768,6 +770,24 @@ exit(0); } @@ -145,11 +147,12 @@ /* Error routines */ void err_sys(const char *fmt, ...) ---- whois.h.orig 2003-11-23 01:58:01.000000000 +0100 -+++ whois.h 2003-11-23 01:58:52.000000000 +0100 -@@ -23,6 +23,8 @@ - int domfind(const char *, const char *[]); +diff -Naur whois-4.6.9/whois.h whois/whois.h +--- whois-4.6.9/whois.h 2003-12-01 18:21:59.000000000 +0100 ++++ whois/whois.h 2003-12-08 01:06:28.000000000 +0100 +@@ -24,6 +24,8 @@ char *normalize_domain(const char *); + char *convert_6to4(const char *); +void *xmalloc(size_t); +void *xrealloc(void *, size_t); |