Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-arch/zoo/files
diff options
context:
space:
mode:
Diffstat (limited to 'app-arch/zoo/files')
-rw-r--r--app-arch/zoo/files/zoo-2.10-CAN-2005-2349.patch36
-rw-r--r--app-arch/zoo/files/zoo-2.10-febz-183426.patch16
-rw-r--r--app-arch/zoo/files/zoo-2.10-gentoo-fbsd.patch25
-rw-r--r--app-arch/zoo/files/zoo-2.10-multiple-dos-fix.patch71
-rw-r--r--app-arch/zoo/files/zoo-2.10-security_pathsize.patch23
5 files changed, 171 insertions, 0 deletions
diff --git a/app-arch/zoo/files/zoo-2.10-CAN-2005-2349.patch b/app-arch/zoo/files/zoo-2.10-CAN-2005-2349.patch
new file mode 100644
index 000000000000..3752728c8e5a
--- /dev/null
+++ b/app-arch/zoo/files/zoo-2.10-CAN-2005-2349.patch
@@ -0,0 +1,36 @@
+Taken from Fedora
+
+--- portable.c
++++ portable.c
+@@ -364,6 +364,31 @@
+ show_dir(direntry);
+ }
+ #endif
++ char *p;
++ /* take off '../' */
++ while ((p = strstr( direntry->dirname, "../" )) != NULL) {
++ while (*(p+3) != '\0') {
++ *p = *(p + 3);
++ p++;
++ }
++ *p = *(p+3); /* move last null */
++ //printf("zoo: skipped \"../\" path component in '%s'\n", direntry->dirname);
++ }
++ /* take off '/' */
++ if ( direntry->dirname[0] == '/' ) {
++ p = direntry->dirname;
++ while (*p != '\0') {
++ *p = *(p + 1);
++ p++;
++ }
++ *p = *(p+1); /* move last null */
++ //printf("zoo: skipped \"/\" path component in '%s'\n", direntry->dirname);
++ }
++ /* take off '..' */
++ if(!strcmp(direntry->dirname, ".."))
++ direntry->dirname[0] = '\0';
++ /* direntry->dirlen = strlen(direntry->dirname); */
++
+ return (0);
+ }
+
diff --git a/app-arch/zoo/files/zoo-2.10-febz-183426.patch b/app-arch/zoo/files/zoo-2.10-febz-183426.patch
new file mode 100644
index 000000000000..d8e34d628094
--- /dev/null
+++ b/app-arch/zoo/files/zoo-2.10-febz-183426.patch
@@ -0,0 +1,16 @@
+Taken from Fedora
+
+https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=183426
+http://bugs.gentoo.org/125622
+
+--- zoo/parse.c
++++ zoo/parse.c
+@@ -39,7 +39,7 @@
+ char *namep; /* points to relevant part of tempname */
+
+ char *p;
+- strcpy (tempname, fname);
++ strncpy(tempname, fname, LFNAMESIZE);
+
+ #ifdef DEBUG
+ printf ("parse: supplied name is [%s].\n", tempname);
diff --git a/app-arch/zoo/files/zoo-2.10-gentoo-fbsd.patch b/app-arch/zoo/files/zoo-2.10-gentoo-fbsd.patch
new file mode 100644
index 000000000000..64eabaf40586
--- /dev/null
+++ b/app-arch/zoo/files/zoo-2.10-gentoo-fbsd.patch
@@ -0,0 +1,25 @@
+--- sysv.c 2007-06-16 15:01:53 +0200
++++ sysv.c.new 2007-06-16 14:38:38 +0200
+@@ -63,8 +63,8 @@
+ return (fname); /* default is no-op */
+ }
+
+-extern long timezone; /* defined by library routine */
+-long time ();
++/*extern long timezone; defined by library routine */
++/* long time (); */
+ struct tm *localtime ();
+
+ /* Function gettz(), returns the offset from GMT in seconds of the
+--- zoo.h 2007-06-16 15:01:53 +0200
++++ zoo.h.new 2007-06-16 14:57:58 +0200
+@@ -95,6 +95,9 @@
+ #endif
+
+ typedef unsigned char uchar;
++typedef unsigned int uint;
++typedef unsigned long ulong;
++typedef unsigned short ushort;
+
+ /* WARNING: Static initialization in zooadd.c or zooext.c depends on the
+ order of fields in struct zoo_header */ \ No newline at end of file
diff --git a/app-arch/zoo/files/zoo-2.10-multiple-dos-fix.patch b/app-arch/zoo/files/zoo-2.10-multiple-dos-fix.patch
new file mode 100644
index 000000000000..b37cee0c94dc
--- /dev/null
+++ b/app-arch/zoo/files/zoo-2.10-multiple-dos-fix.patch
@@ -0,0 +1,71 @@
+diff -ur zoo-2.10-r2/zooext.c zoo-2.10-r3/zooext.c
+--- zoo-2.10-r2/zooext.c 2007-05-23 23:39:14.000000000 +0200
++++ zoo-2.10-r3/zooext.c 2007-05-23 23:36:37.000000000 +0200
+@@ -89,6 +89,7 @@
+ #endif
+ struct direntry direntry; /* directory entry */
+ int first_dir = 1; /* first dir entry seen? */
++ unsigned long zoo_pointer = 0; /* Track our position in the file */
+
+ static char extract_ver[] = "Zoo %d.%d is needed to extract %s.\n";
+ static char no_space[] = "Insufficient disk space to extract %s.\n";
+@@ -169,6 +170,9 @@
+ exit_status = 1;
+ }
+ zooseek (zoo_file, zoo_header.zoo_start, 0); /* seek to where data begins */
++
++ /* Begin tracking our position in the file */
++ zoo_pointer = zoo_header.zoo_start;
+ }
+
+ #ifndef PORTABLE
+@@ -597,6 +601,11 @@
+ } /* end if */
+
+ loop_again:
++ /* Make sure we are not seeking to already processed data */
++ if (next_ptr <= zoo_pointer)
++ prterror ('f', "ZOO chain structure is corrupted\n");
++ zoo_pointer = next_ptr;
++
+ zooseek (zoo_file, next_ptr, 0); /* ..seek to next dir entry */
+ } /* end while */
+
+Nur in zoo-2.10-r3: zooext.c~.
+Nur in zoo-2.10-r3: zooext.c.orig.
+diff -ur zoo-2.10-r2/zoolist.c zoo-2.10-r3/zoolist.c
+--- zoo-2.10-r2/zoolist.c 1991-07-20 00:57:27.000000000 +0200
++++ zoo-2.10-r3/zoolist.c 2007-05-23 23:38:19.000000000 +0200
+@@ -92,7 +92,7 @@
+ int show_mode = 0; /* show file protection */
+ #endif
+ int first_dir = 1; /* if first direntry -- to adjust dat_ofs */
+-
++unsigned long zoo_pointer = 0; /* Track our position in the file */
+ while (*option) {
+ switch (*option) {
+ case 'a': show_name++; break;
+@@ -211,6 +211,9 @@
+ show_acmt (&zoo_header, zoo_file, 0); /* show archive comment */
+ }
+
++ /* Begin tracking our position in the file */
++ zoo_pointer = zoo_header.zoo_start;
++
+ /* Seek to the beginning of the first directory entry */
+ if (zooseek (zoo_file, zoo_header.zoo_start, 0) != 0) {
+ ercount++;
+@@ -437,6 +440,11 @@
+ if (verb_list && !fast)
+ show_comment (&direntry, zoo_file, 0, (char *) NULL);
+ } /* end if (lots of conditions) */
++
++ /* Make sure we are not seeking to already processed data */
++ if (direntry.next <= zoo_pointer)
++ prterror ('f', "ZOO chain structure is corrupted\n");
++ zoo_pointer = direntry.next;
+
+ /* ..seek to next dir entry */
+ zooseek (zoo_file, direntry.next, 0);
+Nur in zoo-2.10-r3: zoolist.c~.
+Nur in zoo-2.10-r3: zoolist.c.orig.
diff --git a/app-arch/zoo/files/zoo-2.10-security_pathsize.patch b/app-arch/zoo/files/zoo-2.10-security_pathsize.patch
new file mode 100644
index 000000000000..4f89530f43e7
--- /dev/null
+++ b/app-arch/zoo/files/zoo-2.10-security_pathsize.patch
@@ -0,0 +1,23 @@
+Taken from Fedora
+
+--- misc.c
++++ misc.c
+@@ -135,11 +135,17 @@
+ char *fullpath (direntry)
+ struct direntry *direntry;
+ {
+- static char result[PATHSIZE];
++ static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/
+ combine (result,
+ direntry->dirlen != 0 ? direntry->dirname : "",
+ (direntry->namlen != 0) ? direntry->lfname : direntry->fname
+ );
++
++ if (strlen (result) >= PATHSIZE) {
++ prterror ('f', "Combined dirname and filename too long!\n");
++ *result = '\0';
++ }
++
+ return (result);
+ }
+