--- /dev/null
+--- whois.c.org 2004-04-13 21:31:16.000000000 +0200
++++ whois.c 2004-04-13 21:49:57.000000000 +0200
+@@ -76,7 +76,7 @@
+ /* RIPE flags */
+ if (strchr(ripeflags, ch)) {
+ for (p = fstring; *p; p++);
+- sprintf(p--, "-%c ", ch);
++ snprintf(p--, sizeof(fstring), "-%c ", ch);
+ continue;
+ }
+ if (strchr(ripeflagsp, ch)) {
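Review bot: The size passed to snprintf on the added line is the whole of `fstring`, but the write starts at `p`, which the preceding loop has advanced to the terminator, so the bound overstates the space left by however much is already in the buffer. Pass the remaining space instead: `snprintf(p, sizeof(fstring) - (size_t)(p - fstring), "-%c ", ch);`. This assumes `fstring` is an array; its declaration is outside the hunk, and if it is a pointer, `sizeof` yields only the pointer size. The `p--` post-decrement does not change what is passed to the call and could be written as plain `p`. The enclosing loop starts and ends outside the hunk.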
+@@ -121,7 +121,7 @@
+ usage();
+
+ /* On some systems realloc only works on non-NULL buffers */
+- qstring = malloc(64);
++ qstring = xmalloc(64);
+ *qstring = '\0';
+
+ /* parse other parameters, if any */
+@@ -130,11 +130,11 @@
+
+ while (1) {
+ qslen += strlen(*argv) + 1 + 1;
+- qstring = realloc(qstring, qslen);
+- strcat(qstring, *argv++);
++ qstring = xrealloc(qstring, qslen);
++ strncat(qstring, *argv++, qslen-1);
+ if (argc == 1)
+ break;
+- strcat(qstring, " ");
++ strncat(qstring, " ", qslen);
+ argc--;
+ }
+ }
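Review bot: The third argument of strncat limits how many characters are taken from the source, not the size of the destination, so `strncat(qstring, *argv++, qslen-1)` and `strncat(qstring, " ", qslen)` do not bound the write. The appends look safe only because the xrealloc above first grows the buffer by `strlen(*argv) + 2` (the initial value of `qslen` is outside the hunk). If a bound is wanted it should be the space left, e.g. `strncat(qstring, *argv++, qslen - strlen(qstring) - 1);`. The same pattern recurs with `buflen` in the later hunks, in `strncat(buf, flags, buflen)` and both `strncat(buf, query, buflen)` calls.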
+@@ -422,8 +422,12 @@
+ char *buf;
+ int i, isripe = 0;
+
++ /* buflen was always 0 in original patch and buf was allocated
++ twice /Aye */
+ /* 64 bytes reserved for server-specific flags added later */
+- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 64);
++ int buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 64;
++ buf = xmalloc(buflen);
++
+ *buf = '\0';
+ for (i = 0; ripe_servers[i]; i++)
+ if (strcmp(server, ripe_servers[i]) == 0) {
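Review bot: `buflen` is declared `int` but holds a sum of `size_t` values and is then passed to xmalloc and snprintf, which take `size_t`. Declaring it as `size_t buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 64;` avoids the narrowing conversion and a negative size for very long inputs. The function's start and end are outside this hunk.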
+@@ -445,7 +449,7 @@
+ if (*flags) {
+ if (!isripe && strcmp(server, "whois.corenic.net") != 0)
+ puts(_("Warning: RIPE flags used with a traditional server."));
+- strcat(buf, flags);
++ strncat(buf, flags, buflen);
+ }
+
+ /* why, oh why DENIC had to make whois "user friendly"?
+@@ -453,20 +457,20 @@
+ */
+ if (isripe && strcmp(server, "whois.denic.de") == 0 && domcmp(query, ".de")
+ && !strchr(query, ' '))
+- sprintf(buf, "-T dn,ace -C US-ASCII %s", query);
++ snprintf(buf, buflen, "-T dn,ace -C US-ASCII %s", query);
+ else if (!isripe && (strcmp(server, "whois.nic.mil") == 0 ||
+ strcmp(server, "whois.nic.ad.jp") == 0) &&
+ strncasecmp(query, "AS", 2) == 0 && isasciidigit(query[2]))
+ /* FIXME: /e is not applied to .JP ASN */
+- sprintf(buf, "AS %s", query + 2); /* fix query for DDN */
++ snprintf(buf, buflen, "AS %s", query + 2); /* fix query for DDN */
+ else if (!isripe && strcmp(server, "whois.nic.ad.jp") == 0) {
+ char *lang = getenv("LANG"); /* not a perfect check, but... */
+ if (!lang || (strncmp(lang, "ja", 2) != 0))
+- sprintf(buf, "%s/e", query); /* ask for english text */
++ snprintf(buf, buflen, "%s/e", query); /* ask for english text */
+ else
+- strcat(buf, query);
++ strncat(buf, query, buflen);
+ } else
+- strcat(buf, query);
++ strncat(buf, query, buflen);
+ return buf;
+ }
+
+@@ -581,7 +585,7 @@
+ int hide = hide_discl;
+ int state = 0;
+
+- temp = malloc(strlen(query) + 1 + 2 + 1);
++ temp = xmalloc(strlen(query) + 1 + 2 + 1);
+ *temp = '=';
+ strcpy(temp + 1, query);
+ strcat(temp, "\r\n");
+@@ -599,7 +603,7 @@
+
+ for (p = buf; *p != ':'; p++); /* skip until colon */
+ for (p++; *p == ' '; p++); /* skip colon and spaces */
+- ret = malloc(strlen(p) + 1);
++ ret = xmalloc(strlen(p) + 1);
+ for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++)
+ ; /*copy data*/
+ *q = '\0';
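Review bot: The copy loop kept as context, `for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++)`, has no test for the terminating NUL, so a line in `buf` that ends without a newline, carriage return or space is read past its end and written past the `strlen(p) + 1` bytes just allocated for `ret`. The colon scan above it, `for (p = buf; *p != ':'; p++);`, has the same gap. `buf` presumably holds text received from the server (its origin is outside the hunk), so both conditions should also stop at the end of the string, e.g. `*p && *p != '\n' && *p != '\r' && *p != ' '`. The function continues outside the hunk.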
+@@ -847,6 +851,25 @@
+ exit(0);
+ }
+
++/* Memory allocation routines */
++void *xmalloc(size_t size)
++{
++ void *ptr;
++
++ if ((ptr = malloc(size)) == NULL)
++ err_sys("malloc");
++
++ return ptr;
++}
++
++void *xrealloc(void *ptr, size_t size)
++{
++ if ((ptr = realloc(ptr, size)) == NULL)
++ err_sys("realloc");
++
++ return ptr;
++}
++
+
+ /* Error routines */
+ void err_sys(const char *fmt, ...)
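Review bot: xmalloc and xrealloc return `ptr` after calling err_sys, so they are safe only if err_sys never returns. Its body is outside the hunk, and a comment such as `/* err_sys() exits, so these never return NULL */` above the two functions would record that contract. A request of size 0 may legitimately yield NULL from malloc or realloc and would be reported as a failure here; if zero-size requests can occur, the checks should read `if (ptr == NULL && size != 0)`.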
+--- whois.h.org 2004-04-13 21:50:35.000000000 +0200
++++ whois.h 2004-04-13 21:51:00.000000000 +0200
+@@ -32,6 +32,8 @@
+ void split_server_port(const char *const input, const char **server,
+ const char **port);
+
++void *xmalloc(size_t);
++void *xrealloc(void *, size_t);
+ void err_quit(const char *,...);
+ void err_sys(const char *,...);
+
--- /dev/null
+# Copyright 1999-2004 Gentoo Technologies, Inc.
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-misc/whois/whois-4.6.13.ebuild,v 1.1 2004/04/13 20:14:30 mholzer Exp $
+
+IUSE="nls"
+MY_P=${P/-/_}
+DESCRIPTION="improved Whois Client"
+SRC_URI="http://www.linux.it/~md/software/${MY_P}.tar.gz"
+HOMEPAGE="http://www.linux.it/~md/software/"
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~x86 ~ppc ~sparc ~mips hppa ~ia64 ~alpha ~amd64"
+
+DEPEND=">=sys-apps/sed-4
+ >=dev-lang/perl-5"
+RDEPEND="virtual/glibc"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ sed -i -e "s/-O2/$CFLAGS/" Makefile
+
+ use nls && ( \
+ cd po
+ sed -i -e "s:/usr/bin/install:install:" Makefile
+ ) || ( \
+ sed -i -e "s:cd po.*::" Makefile
+ )
+
+ epatch ${FILESDIR}/${P}-gentoo-security.patch || die
+}
+
+src_compile() {
+ make || die
+ make mkpasswd || die
+}
+
+src_install() {
+ dodir /usr/bin
+ dodir /usr/share/man/man1
+ use nls && dodir /usr/share/locale
+ make BASEDIR=${D} prefix=/usr mandir=/usr/share/man install || die
+
+ dobin mkpasswd
+ doman mkpasswd.1
+ dodoc README whois.conf debian/changelog debian/copyright
+
+ einfo ""
+ einfo "The example whois.conf is located in /usr/doc/${P}"
+ einfo ""
+}
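Review bot: In src_unpack, `sed -i -e "s/-O2/$CFLAGS/" Makefile` splices the user's CFLAGS into a sed expression that uses `/` as its delimiter, so any flag containing a slash (an include or profile path, for instance) breaks the substitution or rewrites the Makefile unexpectedly. A delimiter unlikely to occur in flags is safer, e.g. `sed -i -e "s:-O2:${CFLAGS}:" Makefile || die`. `cd ${S}` is unquoted and unchecked; `cd "${S}" || die` keeps the sed edits and the security patch from being applied in the wrong directory. The `use nls && ( … ) || ( … )` form also runs the second subshell when the first one fails, which `if use nls; then … else … fi` would not.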