mirror of
https://git.FreeBSD.org/ports.git
synced 2025-01-20 08:27:15 +00:00
- Fix buffer overflow (CVE-2015-2782)
- Fix absolute path directory traversal (CVE-2015-0557) - Fix symlink directory traversal (CVE-2015-0556) - Fix build on armv6 - Fix parallel build - Make build reproducible PR: 221589 Submitted by: mikael.urankar@gmail.com Obtained from: debian patchset 16 Approved by: garga (maintainer)
This commit is contained in:
parent
3a13584257
commit
1e51c02815
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=452421
@ -3,9 +3,12 @@
|
||||
|
||||
PORTNAME= arj
|
||||
PORTVERSION= 3.10.22
|
||||
PORTREVISION= 4
|
||||
PORTREVISION= 5
|
||||
CATEGORIES= archivers
|
||||
MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2.78_3.10%20build%2022
|
||||
MASTER_SITES= SF/${PORTNAME}/${PORTNAME}/2.78_3.10%20build%2022:source \
|
||||
DEBIAN_POOL:patch
|
||||
DISTFILES= ${PORTNAME}-${PORTVERSION}.tar.gz:source \
|
||||
${PORTNAME}_${PORTVERSION}-16.debian.tar.xz:patch
|
||||
|
||||
MAINTAINER= garga@FreeBSD.org
|
||||
COMMENT= Open source implementation of the ARJ archiver
|
||||
@ -14,6 +17,17 @@ LICENSE= GPLv2
|
||||
|
||||
PORTSCOUT= skipv:3.10g
|
||||
|
||||
EXTRA_PATCHES= ${WRKDIR}/debian/patches/*.patch
|
||||
IGNORE_PATCHES= 002_no_remove_static_const.patch \
|
||||
doc_refer_robert_k_jung.patch \
|
||||
gnu_build_cross.patch \
|
||||
gnu_build_fix.patch \
|
||||
gnu_build_flags.patch \
|
||||
gnu_build_pie.patch \
|
||||
gnu_build_strip.patch \
|
||||
hurd_no_fcntl_getlk.patch
|
||||
PATCH_STRIP= -p1
|
||||
|
||||
USES= alias gmake
|
||||
USE_AUTOTOOLS= autoconf
|
||||
CONFIGURE_WRKSRC= ${WRKSRC}/gnu
|
||||
@ -21,7 +35,6 @@ MAKEFILE= GNUmakefile
|
||||
MAKE_ARGS= LOCALE="${LANGUAGE}"
|
||||
ALL_TARGET= prepare all
|
||||
STRIP= # empty
|
||||
MAKE_JOBS_UNSAFE= yes
|
||||
|
||||
CFLAGS+= -fPIC
|
||||
LANGUAGE?= en
|
||||
@ -30,6 +43,9 @@ PORTDOCS= *
|
||||
|
||||
OPTIONS_DEFINE= DOCS
|
||||
|
||||
pre-patch:
|
||||
@${RM} ${IGNORE_PATCHES:S,^,${WRKDIR}/debian/patches/,}
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's!/etc!${LOCALBASE}/etc!' \
|
||||
${WRKSRC}/arj.c ${WRKSRC}/file_reg.c ${WRKSRC}/rearj.c
|
||||
|
@ -1,2 +1,5 @@
|
||||
TIMESTAMP = 1508345026
|
||||
SHA256 (arj-3.10.22.tar.gz) = 589e4c9bccc8669e7b6d8d6fcd64e01f6a2c21fe10aad56a83304ecc3b96a7db
|
||||
SIZE (arj-3.10.22.tar.gz) = 431467
|
||||
SHA256 (arj_3.10.22-16.debian.tar.xz) = 2d9cc5aeb2ac44d000d2e3399846f1c3ce468e17e3af4bfb505b9a6eaf88a502
|
||||
SIZE (arj_3.10.22-16.debian.tar.xz) = 19452
|
||||
|
@ -1,60 +0,0 @@
|
||||
--- arj_arcv.c.orig 2005-06-21 19:53:12 UTC
|
||||
+++ arj_arcv.c
|
||||
@@ -59,27 +59,27 @@ static char idxid_fault[]="?";
|
||||
#define setup_hput(ptr) (tmp_hptr=(ptr))
|
||||
|
||||
#define hget_byte() (*(tmp_hptr++)&0xFF)
|
||||
-#define hput_byte(c) (*(tmp_hptr++)=(char) (c))
|
||||
+#define hput_byte(c) (*(tmp_hptr++)=(uint8_t) (c))
|
||||
|
||||
/* Reads two bytes from the header, incrementing the pointer */
|
||||
|
||||
-static unsigned int hget_word()
|
||||
+static uint16_t hget_word()
|
||||
{
|
||||
- unsigned int result;
|
||||
+ uint16_t result;
|
||||
|
||||
result=mget_word(tmp_hptr);
|
||||
- tmp_hptr+=sizeof(short);
|
||||
+ tmp_hptr+=sizeof(uint16_t);
|
||||
return result;
|
||||
}
|
||||
|
||||
/* Reads four bytes from the header, incrementing the pointer */
|
||||
|
||||
-static unsigned long hget_longword()
|
||||
+static uint32_t hget_longword()
|
||||
{
|
||||
- unsigned long result;
|
||||
+ uint32_t result;
|
||||
|
||||
result=mget_dword(tmp_hptr);
|
||||
- tmp_hptr+=sizeof(unsigned long);
|
||||
+ tmp_hptr+=sizeof(uint32_t);
|
||||
return result;
|
||||
}
|
||||
|
||||
@@ -87,18 +87,18 @@ static unsigned long hget_longword()
|
||||
|
||||
/* Writes two bytes to the header, incrementing the pointer */
|
||||
|
||||
-static void hput_word(unsigned int w)
|
||||
+static void hput_word(uint16_t w)
|
||||
{
|
||||
mput_word(w,tmp_hptr);
|
||||
- tmp_hptr+=sizeof(unsigned short);
|
||||
+ tmp_hptr+=sizeof(uint16_t);
|
||||
}
|
||||
|
||||
/* Writes four bytes to the header, incrementing the pointer */
|
||||
|
||||
-static void hput_longword(unsigned long l)
|
||||
+static void hput_longword(uint32_t l)
|
||||
{
|
||||
mput_dword(l,tmp_hptr);
|
||||
- tmp_hptr+=sizeof(unsigned long);
|
||||
+ tmp_hptr+=sizeof(uint32_t);
|
||||
}
|
||||
|
||||
/* Calculates and stores the basic header size */
|
@ -1,80 +0,0 @@
|
||||
--- arj_proc.c.orig 2005-06-21 19:53:12 UTC
|
||||
+++ arj_proc.c
|
||||
@@ -585,7 +585,7 @@ int search_for_extension(char *name, cha
|
||||
/* Returns the exact amount of data that could be safely written to the
|
||||
destination volume */
|
||||
|
||||
-unsigned long get_volfree(unsigned int increment)
|
||||
+unsigned long get_volfree(unsigned long increment)
|
||||
{
|
||||
unsigned long pvol;
|
||||
unsigned int arjsec_overhead;
|
||||
@@ -605,7 +605,7 @@ unsigned long get_volfree(unsigned int i
|
||||
remain=volume_limit-ftell(aostream)-pvol-(long)arjsec_overhead-
|
||||
(long)out_bytes-(long)cpos-(long)ext_voldata-
|
||||
MULTIVOLUME_RESERVE-t_volume_offset;
|
||||
- return((unsigned long)min(remain, (unsigned long)increment));
|
||||
+ return((unsigned long)min(remain, increment));
|
||||
}
|
||||
|
||||
/* Performs various checks when multivolume data is packed to predict an
|
||||
@@ -2466,14 +2466,14 @@ static int get_str_from_jq()
|
||||
*tsptr='\0';
|
||||
endptr=tsptr;
|
||||
tsptr=sptr;
|
||||
- while((unsigned int)tsptr<(unsigned int)endptr&&patterns<SEARCH_STR_MAX)
|
||||
+ while((intptr_t)tsptr<(intptr_t)endptr&&patterns<SEARCH_STR_MAX)
|
||||
{
|
||||
while(*tsptr=='\0')
|
||||
tsptr++;
|
||||
- if((unsigned int)tsptr<(unsigned int)endptr)
|
||||
+ if((intptr_t)tsptr<(intptr_t)endptr)
|
||||
{
|
||||
search_str[patterns++]=tsptr;
|
||||
- while(*tsptr!='\0'&&(unsigned int)tsptr<(unsigned int)endptr)
|
||||
+ while(*tsptr!='\0'&&(intptr_t)tsptr<(intptr_t)endptr)
|
||||
tsptr++;
|
||||
}
|
||||
}
|
||||
@@ -2901,9 +2901,9 @@ char *ltrim(char *str)
|
||||
#if defined(WORDS_BIGENDIAN)&&!defined(ARJDISP)&&!defined(REGISTER)
|
||||
/* Model-independent routine to get 2 bytes from far RAM */
|
||||
|
||||
-unsigned int mget_word(char FAR *p)
|
||||
+uint16_t mget_word(char FAR *p)
|
||||
{
|
||||
- unsigned int b0, b1;
|
||||
+ uint16_t b0, b1;
|
||||
|
||||
b0=mget_byte(p);
|
||||
b1=mget_byte(p+1);
|
||||
@@ -2912,9 +2912,9 @@ unsigned int mget_word(char FAR *p)
|
||||
|
||||
/* Model-independent routine to get 4 bytes from far RAM */
|
||||
|
||||
-unsigned long mget_dword(char FAR *p)
|
||||
+uint32_t mget_dword(char FAR *p)
|
||||
{
|
||||
- unsigned long w0, w1;
|
||||
+ uint32_t w0, w1;
|
||||
|
||||
w0=mget_word(p);
|
||||
w1=mget_word(p+2);
|
||||
@@ -2923,7 +2923,7 @@ unsigned long mget_dword(char FAR *p)
|
||||
|
||||
/* Model-independent routine to store 2 bytes in far RAM */
|
||||
|
||||
-void mput_word(unsigned int w, char FAR *p)
|
||||
+void mput_word(uint16_t w, char FAR *p)
|
||||
{
|
||||
mput_byte(w&0xFF, p);
|
||||
mput_byte(w>>8 , p+1);
|
||||
@@ -2931,7 +2931,7 @@ void mput_word(unsigned int w, char FAR
|
||||
|
||||
/* Model-independent routine to store 4 bytes in far RAM */
|
||||
|
||||
-void mput_dword(unsigned long d, char FAR *p)
|
||||
+void mput_dword(uint32_t d, char FAR *p)
|
||||
{
|
||||
mput_word(d&0xFFFF, p);
|
||||
mput_word(d>>16 , p+2);
|
@ -1,50 +0,0 @@
|
||||
--- arj_proc.h.orig 2004-01-25 10:39:30 UTC
|
||||
+++ arj_proc.h
|
||||
@@ -8,15 +8,17 @@
|
||||
#ifndef ARJ_PROC_INCLUDED
|
||||
#define ARJ_PROC_INCLUDED
|
||||
|
||||
+#include <stdint.h>
|
||||
+
|
||||
/* Helper macros */
|
||||
|
||||
-#define mget_byte(p) (*(unsigned char FAR *)(p)&0xFF)
|
||||
-#define mput_byte(c, p) *(unsigned char FAR *)(p)=(unsigned char)(c)
|
||||
+#define mget_byte(p) (*(uint8_t FAR *)(p)&0xFF)
|
||||
+#define mput_byte(c, p) *(uint8_t FAR *)(p)=(uint8_t)(c)
|
||||
#ifndef WORDS_BIGENDIAN
|
||||
-#define mget_word(p) (*(unsigned short *)(p)&0xFFFF)
|
||||
-#define mput_word(w,p) (*(unsigned short *)(p)=(unsigned short)(w))
|
||||
-#define mget_dword(p) (*(unsigned long *)(p))
|
||||
-#define mput_dword(w,p) (*(unsigned long *)(p)=(unsigned long)(w))
|
||||
+#define mget_word(p) (*(uint16_t *)(p)&0xFFFF)
|
||||
+#define mput_word(w,p) (*(uint16_t *)(p)=(uint16_t)(w))
|
||||
+#define mget_dword(p) (*(uint32_t *)(p))
|
||||
+#define mput_dword(w,p) (*(uint32_t *)(p)=(uint32_t)(w))
|
||||
#endif
|
||||
|
||||
/* Prototypes */
|
||||
@@ -31,7 +33,7 @@ void copy_bytes(unsigned long nbytes);
|
||||
int translate_path(char *name);
|
||||
void restart_proc(char *dest);
|
||||
int search_for_extension(char *name, char *ext_list);
|
||||
-unsigned long get_volfree(unsigned int increment);
|
||||
+unsigned long get_volfree(unsigned long increment);
|
||||
unsigned int check_multivolume(unsigned int increment);
|
||||
void store();
|
||||
void hollow_encode();
|
||||
@@ -61,10 +63,10 @@ void unpack_mem(struct mempack *mempack)
|
||||
void strip_lf(char *str);
|
||||
char *ltrim(char *str);
|
||||
#ifdef WORDS_BIGENDIAN
|
||||
-unsigned int mget_word(char FAR *p);
|
||||
-unsigned long mget_dword(char FAR *p);
|
||||
-void mput_word(unsigned int w, char FAR *p);
|
||||
-void mput_dword(unsigned long d, char FAR *p);
|
||||
+uint16_t mget_word(char FAR *p);
|
||||
+uint32_t mget_dword(char FAR *p);
|
||||
+void mput_word(uint16_t w, char FAR *p);
|
||||
+void mput_dword(uint32_t d, char FAR *p);
|
||||
#endif
|
||||
|
||||
#endif
|
15
archivers/arj/files/patch-arjtypes.c
Normal file
15
archivers/arj/files/patch-arjtypes.c
Normal file
@ -0,0 +1,15 @@
|
||||
--- arjtypes.c 2005-06-23 UTC
|
||||
+++ arjtypes.c
|
||||
@@ -138,8 +138,11 @@ static int isleapyear(int year)
|
||||
static unsigned long ts_unix2dos(const long ts)
|
||||
{
|
||||
struct tm *stm;
|
||||
+ time_t _ts;
|
||||
|
||||
- stm=arj_localtime((time_t*)&ts);
|
||||
+ _ts = ts;
|
||||
+
|
||||
+ stm=arj_localtime(&_ts);
|
||||
return(get_tstamp(stm->tm_year+1900, stm->tm_mon+1, stm->tm_mday,
|
||||
stm->tm_hour, stm->tm_min, stm->tm_sec));
|
||||
}
|
@ -1,29 +0,0 @@
|
||||
--- fardata.c.orig 2004-04-17 11:39:42 UTC
|
||||
+++ fardata.c
|
||||
@@ -190,7 +190,7 @@ int msg_sprintf(char *str, FMSG *fmt, ..
|
||||
|
||||
/* Length-limited strlen() */
|
||||
|
||||
-static int strnlen(const char FAR *s, int count)
|
||||
+static int _strnlen(const char FAR *s, int count)
|
||||
{
|
||||
const char FAR *sc;
|
||||
|
||||
@@ -569,7 +569,7 @@ int vcprintf(int ccode, FMSG *fmt, va_li
|
||||
if(!s)
|
||||
s="(null)";
|
||||
#endif
|
||||
- len=strnlen(s, precision);
|
||||
+ len=_strnlen(s, precision);
|
||||
if(!(flags&LEFT))
|
||||
{
|
||||
while(len<field_width--)
|
||||
@@ -655,7 +655,7 @@ int vcprintf(int ccode, FMSG *fmt, va_li
|
||||
num=va_arg(args, unsigned long);
|
||||
else if(qualifier=='h')
|
||||
{
|
||||
-#ifdef __linux__
|
||||
+#if defined(__linux__) || defined(__FreeBSD__)
|
||||
if (flags&SIGN)
|
||||
num=va_arg(args, int); /* num=va_arg(args, short); */
|
||||
else
|
Loading…
Reference in New Issue
Block a user