Security fix bug #93054

Package-Manager: portage-2.0.51.19

5 files changed, 65 insertions, 4 deletions

diff --git a/app-cdr/extract-xiso/ChangeLog b/app-cdr/extract-xiso/ChangeLog
index 46005734320c..b3eeca99fafa 100644
--- a/app-cdr/extract-xiso/ChangeLog
+++ b/app-cdr/extract-xiso/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for app-cdr/extract-xiso
 # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-cdr/extract-xiso/ChangeLog,v 1.10 2005/04/24 10:44:45 hansmi Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-cdr/extract-xiso/ChangeLog,v 1.11 2005/05/21 10:03:19 chrb Exp $
+
+  21 May 2005; Chris Bainbridge <chrb@gentoo.org>
+  +files/extract-xiso-2.4_beta2-64bitfix.patch,
+  +files/extract-xiso-2.4_beta2-fnamefix.patch,
+  extract-xiso-2.4_beta2.ebuild:
+  Security fix bug #93054
 
   24 Apr 2005; Michael Hanselmann <hansmi@gentoo.org>
   extract-xiso-2.4_beta2.ebuild:
diff --git a/app-cdr/extract-xiso/Manifest b/app-cdr/extract-xiso/Manifest
index 4544b5ac029a..2bd26ab2c3ba 100644
--- a/app-cdr/extract-xiso/Manifest
+++ b/app-cdr/extract-xiso/Manifest
@@ -1,4 +1,6 @@
-MD5 6063c1dfee00e129856558d69b830598 extract-xiso-2.4_beta2.ebuild 756
+MD5 d90099d3b693ac8603e6c40ae4309d13 ChangeLog 1384
 MD5 a8ca88ebacaefc4911de517166780a68 metadata.xml 347
-MD5 8d0617f6d3a42d2037ed19d564357fd8 ChangeLog 1180
+MD5 e7de1a004918b6e258c49ca4a5ef30c6 extract-xiso-2.4_beta2.ebuild 859
 MD5 a2a82a5ddb4e29acb7efe8cc8ae4bde4 files/digest-extract-xiso-2.4_beta2 72
+MD5 1e037b513b1e8010146089cde1a23a27 files/extract-xiso-2.4_beta2-64bitfix.patch 1709
+MD5 5b7049098c1011fc95d5a2c532e7f9da files/extract-xiso-2.4_beta2-fnamefix.patch 993
diff --git a/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild b/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild
index 925371b458c5..6cbf9908baba 100644
--- a/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild
+++ b/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild
@@ -1,6 +1,8 @@
 # Copyright 1999-2005 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild,v 1.11 2005/04/24 10:44:45 hansmi Exp $
+# $Header: /var/cvsroot/gentoo-x86/app-cdr/extract-xiso/extract-xiso-2.4_beta2.ebuild,v 1.12 2005/05/21 10:03:19 chrb Exp $
+
+inherit eutils
 
 MY_PV=${PV/_beta/b}
 DESCRIPTION="Tool for extracting and creating optimised Xbox ISO images"
@@ -19,6 +21,9 @@ S="${WORKDIR}/${PN}"
 src_unpack() {
 	unpack ${A}
 	sed -i -e "s:-O2:${CFLAGS}:g" ${S}/Makefile || die "sed failed"
+	cd ${S}
+	epatch ${FILESDIR}/${P}-64bitfix.patch
+	epatch ${FILESDIR}/${P}-fnamefix.patch
 }
 
 src_compile() {
diff --git a/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-64bitfix.patch b/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-64bitfix.patch
new file mode 100644
index 000000000000..7f673561195c
--- /dev/null
+++ b/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-64bitfix.patch
@@ -0,0 +1,29 @@
+--- extract-xiso.c~	2004-05-04 21:39:30.000000000 +0200
++++ extract-xiso.c	2005-01-29 10:48:32.603567584 +0100
+@@ -631,7 +631,7 @@
+ int extract_file( int in_xiso, dir_node *in_file, modes in_mode );
+ int open_ftp_connection( char *in_host, char *in_user, char *in_password, FTP **out_ftp );
+ int decode_xiso( char *in_xiso, char *in_path, modes in_mode, char **out_iso_path, bool in_ll_compat );
+-int verify_xiso( int in_xiso, unsigned long *out_root_dir_sector, unsigned long *out_root_dir_size, char *in_iso_name );
++int verify_xiso( int in_xiso, int32_t *out_root_dir_sector, int32_t *out_root_dir_size, char *in_iso_name );
+ int traverse_xiso( int in_xiso, dir_node *in_dir_node, xoff_t in_dir_start, char *in_path, modes in_mode, dir_node_avl **in_root, bool in_ll_compat );
+ int create_xiso( char *in_root_directory, char *in_output_directory, dir_node_avl *in_root, int in_xiso, char **out_iso_path, char *in_name, progress_callback in_progress_callback );
+ 
+@@ -980,7 +980,7 @@
+ #endif
+ 
+ 
+-int verify_xiso( int in_xiso, unsigned long *out_root_dir_sector, unsigned long *out_root_dir_size, char *in_iso_name ) {
++int verify_xiso( int in_xiso, int32_t *out_root_dir_sector, int32_t *out_root_dir_size, char *in_iso_name ) {
+ 	int				err = 0;
+ 	char			buffer[ XISO_HEADER_DATA_LENGTH ];
+ 
+@@ -1187,7 +1187,7 @@
+ int decode_xiso( char *in_xiso, char *in_path, modes in_mode, char **out_iso_path, bool in_ll_compat ) {
+ 	dir_node_avl		   *root = nil;
+ 	bool					repair = false;
+-	unsigned long			root_dir_sect, root_dir_size;
++	int32_t			root_dir_sect, root_dir_size;
+ 	int						xiso, err = 0, len, path_len = 0, add_slash = 0;
+ 	char				   *buf, *cwd = nil, *name = nil, *short_name = nil, *iso_name;
+ 
diff --git a/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-fnamefix.patch b/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-fnamefix.patch
new file mode 100644
index 000000000000..f7628bfe6239
--- /dev/null
+++ b/app-cdr/extract-xiso/files/extract-xiso-2.4_beta2-fnamefix.patch
@@ -0,0 +1,19 @@
+Common subdirectories: extract-xiso.orig/darwin and extract-xiso/darwin
+diff -u extract-xiso.orig/extract-xiso.c extract-xiso/extract-xiso.c
+--- extract-xiso.orig/extract-xiso.c	2005-05-21 10:59:45.065431800 +0000
++++ extract-xiso/extract-xiso.c	2005-05-21 10:59:23.935644016 +0000
+@@ -1345,6 +1345,11 @@
+ 	if ( ! err ) {
+ 		if ( read( in_xiso, dir->filename, dir->filename_length ) != dir->filename_length ) read_err();
+ 		if ( ! err ) dir->filename[ dir->filename_length ] = 0;
++		if (strstr(dir->filename,"..") || strchr(dir->filename, '/') || strchr(dir->filename, '\\'))
++		  {
++		    printf("Filename contains invalid characters");
++		    exit(1);
++		  }
+ 	}
+ 
+ 	if ( ! err && in_mode == k_generate_avl ) {
+Common subdirectories: extract-xiso.orig/libftp-5.0.1.modified.by.in and extract-xiso/libftp-5.0.1.modified.by.in
+Common subdirectories: extract-xiso.orig/visual_c++_project and extract-xiso/visual_c++_project
+Common subdirectories: extract-xiso.orig/win32 and extract-xiso/win32