From: Stefan Briesenick Date: Thu, 15 Mar 2007 00:35:54 +0000 (+0000) Subject: added patch for buffer overflow in bufprint function (see bug #170870). X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=e3c2c11b8095abfe1e8a919c1339115a386c2462;p=gentoo.git added patch for buffer overflow in bufprint function (see bug #170870). Package-Manager: portage-2.1.2-r2 --- diff --git a/net-dialup/capi4k-utils/ChangeLog b/net-dialup/capi4k-utils/ChangeLog index 8edc18c49b1a..611a3e426363 100644 --- a/net-dialup/capi4k-utils/ChangeLog +++ b/net-dialup/capi4k-utils/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for net-dialup/capi4k-utils # Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-dialup/capi4k-utils/ChangeLog,v 1.50 2007/02/04 14:34:15 blubb Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-dialup/capi4k-utils/ChangeLog,v 1.51 2007/03/15 00:35:54 sbriesen Exp $ + +*capi4k-utils-20050718-r3 (15 Mar 2007) + + 15 Mar 2007; Stefan Briesenick + +files/capi4k-utils-20050718-msg2str-safety.diff, + +capi4k-utils-20050718-r3.ebuild: + added patch for buffer overflow in bufprint function (see bug #170870). 04 Feb 2007; Simon Stelling capi4k-utils-20050718-r2.ebuild: diff --git a/net-dialup/capi4k-utils/Manifest b/net-dialup/capi4k-utils/Manifest index 099d02b532c0..9fe50272395e 100644 --- a/net-dialup/capi4k-utils/Manifest +++ b/net-dialup/capi4k-utils/Manifest 
@@ -38,6 +38,10 @@ AUX capi.usermap 1663 RMD160 27b6dab9e39f79dbefdd6cffe4e814be9a99f0c5 SHA1 869a7 MD5 09d93d6fd9f60f763d38f4257f31abcd files/capi.usermap 1663 RMD160 27b6dab9e39f79dbefdd6cffe4e814be9a99f0c5 files/capi.usermap 1663 SHA256 6e2750a3b2b69a9ea78239cb41b2c63893a8c479fcb80dfe0b7f2b9b6bc61055 files/capi.usermap 1663 +AUX capi4k-utils-20050718-msg2str-safety.diff 989 RMD160 7e109e48aea95a8b96b92c217afc0114fd49ee5f SHA1 ba1539e384cd266f84628e1e79108c74fdb206b8 SHA256 b94572829bec51117e5856eec5df645ba36342a537834efdf184881cfaa5c29e +MD5 4064f993ad5170ff9c715cd073aef1ed files/capi4k-utils-20050718-msg2str-safety.diff 989 +RMD160 7e109e48aea95a8b96b92c217afc0114fd49ee5f files/capi4k-utils-20050718-msg2str-safety.diff 989 +SHA256 b94572829bec51117e5856eec5df645ba36342a537834efdf184881cfaa5c29e files/capi4k-utils-20050718-msg2str-safety.diff 989 AUX capi4k-utils-20050718-pppd244.diff 37773 RMD160 2c44f830622247b37208573f82e3c31d20814bd4 SHA1 e525e256adb4c48a4e2471002b2bec8531fb62e8 SHA256 40aea7d496473071bae0a5e720f810eccedca8ff051076b3789e611d8745bdbf MD5 61629340de8b4050a47946d9c5bcaa39 files/capi4k-utils-20050718-pppd244.diff 37773 RMD160 2c44f830622247b37208573f82e3c31d20814bd4 files/capi4k-utils-20050718-pppd244.diff 37773 
@@ -59,10 +63,14 @@ EBUILD capi4k-utils-20050718-r2.ebuild 5068 RMD160 2ea9c7658056d0d4510b559db7f08 MD5 e97db628d1c4da1fb6ca390b81892d14 capi4k-utils-20050718-r2.ebuild 5068 RMD160 2ea9c7658056d0d4510b559db7f085abb65d99fb capi4k-utils-20050718-r2.ebuild 5068 SHA256 bbd0b445030271b3d2efa317df52b501004041dd4098bdad7da37c4cc1c533db capi4k-utils-20050718-r2.ebuild 5068 -MISC ChangeLog 9650 RMD160 6309279a8270a4cb60121ff42fbf74ba470e346d SHA1 1454336875d8e8a8c0a7dbe0b1e706e9ebb2e636 SHA256 0d48fad3c09974433cc25f765072d95f826c0fca3516ded654110379a31c1dfe -MD5 b44bccba156acc44ef0ba032413f7d55 ChangeLog 9650 -RMD160 6309279a8270a4cb60121ff42fbf74ba470e346d ChangeLog 9650 -SHA256 0d48fad3c09974433cc25f765072d95f826c0fca3516ded654110379a31c1dfe ChangeLog 9650 +EBUILD capi4k-utils-20050718-r3.ebuild 5169 RMD160 d7b7fef60a9203fff33b88627028fed438e95e45 SHA1 c316a7e38d5e1dead49b88cb79ff886bd3f9cd02 SHA256 79eb81a58ba96875ab86afa2d71aafa4aa0273863169ffd1a9714e89c6c010a8 +MD5 c55bb1a942e7cedee0baba5422131310 capi4k-utils-20050718-r3.ebuild 5169 +RMD160 d7b7fef60a9203fff33b88627028fed438e95e45 capi4k-utils-20050718-r3.ebuild 5169 +SHA256 79eb81a58ba96875ab86afa2d71aafa4aa0273863169ffd1a9714e89c6c010a8 capi4k-utils-20050718-r3.ebuild 5169 +MISC ChangeLog 9912 RMD160 e7c175a8f7edd7a5a76b8cc2e6974cf459bfe806 SHA1 69e2e1aa75a7c0f79633ebd921da6120cbfd4a42 SHA256 a5ac48f4d51fd1f816368ad44842aa8811b4a273b4ef448ab03da6218b01c0ae +MD5 fb8c0177022cb945f2b72c79b359fff9 ChangeLog 9912 +RMD160 e7c175a8f7edd7a5a76b8cc2e6974cf459bfe806 ChangeLog 9912 +SHA256 a5ac48f4d51fd1f816368ad44842aa8811b4a273b4ef448ab03da6218b01c0ae ChangeLog 9912 MISC metadata.xml 618 RMD160 7dc735e007ea83f896fae31e70ce14b5410035fa SHA1 89000a29d9233eb928388c169cb0993c0f187370 SHA256 b99ca46c9cdbd485f0fc6c1cfe135d9e999b515da81632fb5330ebae8a3d025c MD5 57ebf0922074a9d61182c51349de5d53 metadata.xml 618 RMD160 7dc735e007ea83f896fae31e70ce14b5410035fa metadata.xml 618 
@@ -73,3 +81,6 @@ SHA256 1ec64e092e9d52395cf5d2eeb946130f512e430f54bab63ee7a5f2363e1fc4d1 files/di MD5 b4861d0c45b8a00cec2a5b865193129b files/digest-capi4k-utils-20050718-r2 271 RMD160 a4a39ae3b1cc0cbd42ff915bc8293d1d046f4422 files/digest-capi4k-utils-20050718-r2 271 SHA256 1ec64e092e9d52395cf5d2eeb946130f512e430f54bab63ee7a5f2363e1fc4d1 files/digest-capi4k-utils-20050718-r2 271 +MD5 b4861d0c45b8a00cec2a5b865193129b files/digest-capi4k-utils-20050718-r3 271 +RMD160 a4a39ae3b1cc0cbd42ff915bc8293d1d046f4422 files/digest-capi4k-utils-20050718-r3 271 +SHA256 1ec64e092e9d52395cf5d2eeb946130f512e430f54bab63ee7a5f2363e1fc4d1 files/digest-capi4k-utils-20050718-r3 271 diff --git a/net-dialup/capi4k-utils/capi4k-utils-20050718-r3.ebuild b/net-dialup/capi4k-utils/capi4k-utils-20050718-r3.ebuild new file mode 100644 index 000000000000..939e6d3807a8 --- /dev/null +++ b/net-dialup/capi4k-utils/capi4k-utils-20050718-r3.ebuild 
@@ -0,0 +1,157 @@
+# Copyright 1999-2007 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dialup/capi4k-utils/capi4k-utils-20050718-r3.ebuild,v 1.1 2007/03/15 00:35:54 sbriesen Exp $
+
+inherit eutils multilib linux-info
+
+YEAR_PV="${PV:0:4}"
+MON_PV="${PV:4:2}"
+DAY_PV="${PV:6:2}"
+MY_P="${PN}-${YEAR_PV}-${MON_PV}-${DAY_PV}"
+PPPVERSIONS="2.4.2 2.4.3 2.4.4" # versions in portage
+
+DESCRIPTION="CAPI4Linux Utils"
+HOMEPAGE="ftp://ftp.in-berlin.de/pub/capi4linux/"
+SRC_URI="ftp://ftp.in-berlin.de/pub/capi4linux/${MY_P}.tar.gz
+ ftp://ftp.in-berlin.de/pub/capi4linux/OLD/${MY_P}.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="fax pppd tcpd usb pcmcia"
+
+DEPEND="virtual/linux-sources
+ virtual/os-headers
+ >=sys-apps/sed-4"
+
+RDEPEND="usb? ( sys-apps/hotplug )
+ pcmcia? ( virtual/pcmcia )
+ dev-lang/perl"
+
+S="${WORKDIR}/${PN}"
+
+pkg_setup() {
+ # check kernel config
+ CONFIG_CHECK="ISDN ISDN_CAPI ISDN_CAPI_CAPI20"
+ use pppd && CONFIG_CHECK="${CONFIG_CHECK} ISDN_CAPI_MIDDLEWARE ISDN_CAPI_CAPIFS_BOOL"
+ linux-info_pkg_setup
+}
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ # add ppp-2.4.4 support
+ epatch "${FILESDIR}/${P}-pppd244.diff"
+
+ # apply msg2str-safety patch (see bug #170870)
+ epatch "${FILESDIR}/${P}-msg2str-safety.diff"
+
+ # set our config
+ cp -f "${FILESDIR}/config" .config
+ # copy init-script config
+ cp -f "${FILESDIR}/capi.confd" capi.confd
+ # patch all Makefile.* and Rules.make to use our CFLAGS
+ sed -i -e "s:^\(CFLAGS.*\)-O2:\1${CFLAGS}:g" */Makefile.* */Rules.make || die "sed failed"
+ # patch capi20/Makefile.* to use -fPIC for shared library
+ sed -i -e "s:^\(CFLAGS.*\):\1 -fPIC:g" capi20/Makefile.* || die "sed failed"
+ # patch pppdcapiplugin/Makefile to use only the ppp versions we want
+ sed -i -e "s:^\(PPPVERSIONS = \).*$:\1${PPPVERSIONS}:g" pppdcapiplugin/Makefile || die "sed failed"
+ # patch capiinit/capiinit.c to look also in /lib/firmware
+ sed -i -e "s:\(\"/lib/firmware/isdn\",\):\1 \"/lib/firmware\",:g" capiinit/capiinit.c || die "sed failed"
+ # no, we don't need any devices nodes
+ sed -i -e "s:\(sh scripts/makedev.sh\):echo \1:g" Makefile || die "sed failed"
+ # add --libdir to configure call in Makefile
+ sed -i -e "s:\(\./configure \):\1--libdir=/usr/$(get_libdir) :g" Makefile || die "sed failed"
+ # patch /usr/lib/pppd in pppdcapiplugin tree
+ sed -i -e "s:/usr/lib/pppd:/usr/$(get_libdir)/pppd:g" \
+ pppdcapiplugin/ppp-*/Makefile pppdcapiplugin/{README,*.8} || die "sed failed"
+
+ # USB hotplug
+ use usb || sed -i -e "s:^\(CAPI_HOTPLUG_.*\)$:### \1:g" capi.confd
+ # build rcapid
+ use tcpd || sed -i -e "s:^\(CONFIG_RCAPID=.*\)$:# \1:g" .config
+ # build capifax
+ use fax || sed -i -e "s:^\(CONFIG_CAPIFAX=.*\)$:# \1:g" .config
+ # build pppdcapiplugin
+ use pppd || sed -i -e "s:^\(CONFIG_PPPDCAPIPLUGIN=.*\)$:# \1:g" .config
+}
+
+src_compile() {
+ emake subconfig || die "make subconfig failed"
+ emake || die "make failed"
+}
+
+src_install() {
+ make DESTDIR="${D}" install || die "make install failed"
+
+ # fixing permissions (see bug #136120)
+ fperms 0644 /usr/share/man/man8/capiplugin.8
+
+ # install base
+ dobin scripts/isdncause
+ newinitd "${FILESDIR}/capi.initd" capi
+ newconfd capi.confd capi
+ insinto /etc
+ doins "${FILESDIR}/capi.conf"
+ dodoc "${FILESDIR}/README.gentoo" scripts/makedev.sh
+
+ # install USB hotplug stuff
+ if use usb; then
+ insinto /etc/hotplug/blacklist.d
+ newins "${FILESDIR}/capi.blacklist" capi
+ insinto /etc/hotplug/usb
+ newins "${FILESDIR}/capi.usermap" capi.usermap
+ exeinto /etc/hotplug/usb
+ newexe "${FILESDIR}/capi.hotplug" capi
+ fi
+
+ # install PCMCIA stuff
+ if use pcmcia; then
+ insinto /etc/pcmcia
+ newins "${FILESDIR}/capi.pcmcia.conf" capi.conf
+ exeinto /etc/pcmcia
+ newexe "${FILESDIR}/capi.pcmcia" capi
+ fi
+
+ # install rcapid stuff
+ if use tcpd; then
+ insinto /etc/xinetd.d
+ newins "${FILESDIR}/rcapid.xinetd" rcapid
+ newdoc rcapid/README README.rcapid
+ fi
+
+ # install pppdcapiplugin stuff
+ if use pppd; then
+ insinto /etc/ppp/peers
+ doins pppdcapiplugin/peers/t-dsl
+ docinto pppdcapiplugin
+ dodoc pppdcapiplugin/README pppdcapiplugin/examples/*
+ fi
+}
+
+pkg_postinst() {
+ einfo
+ einfo "Please read the instructions in:"
+ einfo "/usr/share/doc/${PF}/README.gentoo.gz"
+ einfo
+ einfo "Annotation for active AVM ISDN boards (B1 ISA/PCI, ...):"
+ einfo "If you run"
+ einfo " emerge isdn-firmware"
+ einfo "you will probably find your board's firmware in /lib/firmware."
+ einfo
+ einfo "If you have another active ISDN board, you should create"
+ einfo "/lib/firmware and copy there your board's firmware."
+ einfo
+ einfo "There're several other packages available, which might have"
+ einfo "the CAPI driver you need for your card(s):"
+ einfo " net-dialup/fritzcapi - AVM passive ISDN controllers"
+ einfo " net-dialup/fcdsl - AVM ISDN/DSL controllers PCI/USB"
+ einfo " net-dialup/misdn - some passive cards with HiSax chipset"
+ einfo
+ ewarn "If you're upgrading from an older capi4k-utils, you must recompile"
+ ewarn "the other packages on your system that link with libcapi after the"
+ ewarn "upgrade completes. To perform this action, please run revdep-rebuild"
+ ewarn "in package app-portage/gentoolkit."
+ ewarn
+}
diff --git a/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff b/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff
new file mode 100644
index 000000000000..8e0be87ea601
--- /dev/null
+++ b/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff
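Review bot: The four USE-conditional edits at the end of src_unpack (`use usb || sed …`, `use tcpd || sed …`, `use fax || sed …`, `use pppd || sed …`) and the two `cp -f` calls carry no `|| die`, unlike every other sed in the function. If one of them fails, the build carries on with whatever the file already contained, so a component the USE flags were meant to switch off (presumably rcapid with USE=-tcpd, going by the `# build rcapid` comment) could still be compiled. Chaining the check keeps the failure visible, for example `use tcpd || sed -i -e "s:^\(CONFIG_RCAPID=.*\)$:# \1:g" .config || die "sed failed"`, and likewise `cp -f "${FILESDIR}/config" .config || die "cp failed"`.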
@@ -0,0 +1,34 @@
+diff -Naur capi20.orig/capiutils.h capi20/capiutils.h
+--- capi20.orig/capiutils.h 2005-03-22 16:16:34.000000000 +0100
++++ capi20/capiutils.h 2007-03-15 01:18:09.000000000 +0100
+@@ -308,6 +308,10 @@
+ #define capi20_cmd2str capi_cmd2str
+ char *capi_cmd2str(_cbyte cmd, _cbyte subcmd);
+
++/*
++ * WARNING: The following two functions use a single static buffer and
++ * are not thread-safe.
++ */
+ #define capi20_cmsg2str capi_cmsg2str
+ char *capi_cmsg2str(_cmsg * cmsg);
+
+diff -Naur capi20.orig/convert.c capi20/convert.c
+--- capi20.orig/convert.c 2005-05-09 10:23:01.000000000 +0200
++++ capi20/convert.c 2007-03-15 01:20:13.000000000 +0100
+@@ -894,10 +894,14 @@
+ static void bufprint(char *fmt,...)
+ {
+ va_list f;
++ size_t space = buf + sizeof(buf) - p, len;
+ va_start(f, fmt);
+- vsprintf(p, fmt, f);
++ len = vsnprintf(p, space, fmt, f);
+ va_end(f);
+- p += strlen(p);
++ if (len < space - 1)
++ p += len;
++ else
++ p += space - 1;
+ }
+
+ static void printstructlen(_cbyte * m, unsigned len)
diff --git a/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3 b/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3
new file mode 100644
index 000000000000..f1ed75afb639
--- /dev/null
+++ b/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3
@@ -0,0 +1,3 @@
+MD5 c745759b6b3d64e19763727176648cdf capi4k-utils-2005-07-18.tar.gz 862826
+RMD160 cadd13328aeef50ab26218614176b4f368b0b19d capi4k-utils-2005-07-18.tar.gz 862826
+SHA256 b162d726a31310fc29e7c0a25a4f82a590457f6a95c1b1168bcd72b6497b5746 capi4k-utils-2005-07-18.tar.gz 862826
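Review bot: In the patched `bufprint` in capi20/convert.c, `len` is declared `size_t` but `vsnprintf` returns `int`, so a negative error return converts to a very large value, takes the `else` branch and moves `p` to the last byte of `buf` even though nothing was reliably written or terminated. Keeping the result signed covers that case: `int n = vsnprintf(p, space, fmt, f);` followed by `if (n < 0) *p = '\0'; else p += ((size_t)n < space) ? (size_t)n : space - 1;`. The `space - 1` arithmetic also relies on `p` never reaching `buf + sizeof(buf)`; the new clamping appears to guarantee that, but `buf` and `p` are declared outside the hunk, so it is worth confirming where `p` is reset. Truncation is silent, so callers of `capi_cmsg2str` cannot tell a clipped message from a complete one, and a sentence saying so in the new header comment next to the thread-safety warning would help.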