summaryrefslogtreecommitdiff
path: root/extra/cvsps/cvsps-2.2b1-bufferoverflow.patch
diff options
context:
space:
mode:
Diffstat (limited to 'extra/cvsps/cvsps-2.2b1-bufferoverflow.patch')
-rw-r--r--extra/cvsps/cvsps-2.2b1-bufferoverflow.patch65
1 files changed, 65 insertions, 0 deletions
diff --git a/extra/cvsps/cvsps-2.2b1-bufferoverflow.patch b/extra/cvsps/cvsps-2.2b1-bufferoverflow.patch
new file mode 100644
index 000000000..2a82cd4e0
--- /dev/null
+++ b/extra/cvsps/cvsps-2.2b1-bufferoverflow.patch
@@ -0,0 +1,65 @@
+--- cvsps-2.2b1/cvsps.c 2010-09-07 18:13:42.760727491 +0200
++++ cvsps-2.2b1_/cvsps.c 2010-09-07 18:05:11.083729441 +0200
+@@ -1065,17 +1065,16 @@ static CvsFile * parse_file(const char *
+ {
+ CvsFile * retval;
+ char fn[PATH_MAX];
+- int len = strlen(buff + 10);
++ size_t len = strlen(buff + 10);
+ char * p;
+
+ /* once a single file has been parsed ok we set this */
+ static int path_ok;
+-
++
+ /* chop the ",v" string and the "LF" */
+ len -= 3;
+ memcpy(fn, buff + 10, len);
+ fn[len] = 0;
+-
+ if (strncmp(fn, strip_path, strip_path_len) != 0)
+ {
+ /* if the very first file fails the strip path,
+@@ -1096,10 +1095,10 @@ static CvsFile * parse_file(const char *
+
+ while ((p = strstr(p, repository_path)))
+ lastp = p++;
+-
++
+ if (lastp)
+ {
+- int len = strlen(repository_path);
++ size_t len = strlen(repository_path);
+ memcpy(strip_path, fn, lastp - fn + len + 1);
+ strip_path_len = lastp - fn + len + 1;
+ strip_path[strip_path_len] = 0;
+@@ -1114,16 +1113,26 @@ static CvsFile * parse_file(const char *
+ *
+ * For now just ignore such files
+ */
+- debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring",
++ debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring",
+ fn, strip_path);
+ return NULL;
+ }
+
+ ok:
+- path_ok = 1;
+-
++ /*
++ fix for rhbz#576076
++ ./cvsps --norc -q --cvs-direct -u -A --root :pserver:anonymous@cvs-mirror.mozilla.org:/cvsroot NSS
++ */
++ if(len <= strip_path_len)
++ {
++ debug(DEBUG_APPMSG1, "WARNING: file %s doesn't match strip_path %s. ignoring",
++ fn, strip_path);
++ return NULL;
++ }
+ /* remove from beginning the 'strip_path' string */
+ len -= strip_path_len;
++ path_ok = 1;
++
+ memmove(fn, fn + strip_path_len, len);
+ fn[len] = 0;
+
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-07-07 03:46:09 +0000