head 1.6; access; symbols pkgsrc-2013Q2:1.6.0.4 pkgsrc-2013Q2-base:1.6 pkgsrc-2012Q4:1.6.0.2 pkgsrc-2012Q4-base:1.6 pkgsrc-2012Q3:1.5.0.20 pkgsrc-2012Q3-base:1.5 pkgsrc-2012Q2:1.5.0.18 pkgsrc-2012Q2-base:1.5 pkgsrc-2012Q1:1.5.0.16 pkgsrc-2012Q1-base:1.5 pkgsrc-2011Q4:1.5.0.14 pkgsrc-2011Q4-base:1.5 pkgsrc-2011Q3:1.5.0.12 pkgsrc-2011Q3-base:1.5 pkgsrc-2011Q2:1.5.0.10 pkgsrc-2011Q2-base:1.5 pkgsrc-2011Q1:1.5.0.8 pkgsrc-2011Q1-base:1.5 pkgsrc-2010Q4:1.5.0.6 pkgsrc-2010Q4-base:1.5 pkgsrc-2010Q3:1.5.0.4 pkgsrc-2010Q3-base:1.5 pkgsrc-2010Q2:1.5.0.2 pkgsrc-2009Q4:1.3.0.10 pkgsrc-2009Q4-base:1.3 pkgsrc-2009Q3:1.3.0.8 pkgsrc-2009Q3-base:1.3 pkgsrc-2009Q2:1.3.0.6 pkgsrc-2009Q2-base:1.3 pkgsrc-2009Q1:1.3.0.4 pkgsrc-2009Q1-base:1.3 pkgsrc-2008Q4:1.3.0.2 pkgsrc-2008Q4-base:1.3; locks; strict; comment @# @; 1.6 date 2012.11.03.01.54.55; author ryoon; state dead; branches; next 1.5; 1.5 date 2010.07.24.12.51.09; author tron; state Exp; branches 1.5.2.1; next 1.4; 1.4 date 2010.02.01.15.05.58; author jmcneill; state dead; branches; next 1.3; 1.3 date 2008.12.23.19.29.29; author jmcneill; state Exp; branches; next 1.2; 1.2 date 2008.12.20.17.53.51; author jmcneill; state Exp; branches; next 1.1; 1.1 date 2008.12.20.16.10.25; author ahoka; state Exp; branches; next ; 1.5.2.1 date 2010.07.24.12.51.09; author spz; state dead; branches; next 1.5.2.2; 1.5.2.2 date 2010.07.25.13.16.12; author spz; state Exp; branches; next ; desc @@ 1.6 log @Update to 2.1 * Tested on NetBSD/i386 5.1, /i386 6.0, and /amd64 6.99.13 * Also tested on OpenIndiana/i386 151a7, but my environment lacks audio device, so I cannot check audio output * Tested with multimedia/mplayer's -ao pulse option, works fine * Add gm4 to USE_TOOLS for OpenIndiana build Changelog: Many changes. See http://www.freedesktop.org/wiki/Software/PulseAudio . @ text @$NetBSD: patch-bb,v 1.5 2010/07/24 12:51:09 tron Exp $ Fix for security vulnerability reported in CVE-2009-1299, taken from here: http://git.0pointer.de/?p=pulseaudio.git;a=patch;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee --- src/pulsecore/core-util.c.orig 2009-11-23 03:57:07.000000000 +0000 +++ src/pulsecore/core-util.c 2010-07-24 13:33:30.000000000 +0100 @@@@ -196,7 +196,7 @@@@ /** Creates a directory securely */ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) { struct stat st; - int r, saved_errno; + int r, saved_errno, fd; pa_assert(dir); @@@@ -214,16 +214,45 @@@@ if (r < 0 && errno != EEXIST) return -1; -#ifdef HAVE_CHOWN +#ifdef HAVE_FSTAT + if ((fd = open(dir, +#ifdef O_CLOEXEC + O_CLOEXEC| +#endif +#ifdef O_NOCTTY + O_NOCTTY| +#endif +#ifdef O_NOFOLLOW + O_NOFOLLOW| +#endif + O_RDONLY)) < 0) + goto fail; + + if (fstat(fd, &st) < 0) { + pa_assert_se(pa_close(fd) >= 0); + goto fail; + } + + if (!S_ISDIR(st.st_mode)) { + pa_assert_se(pa_close(fd) >= 0); + errno = EEXIST; + goto fail; + } + +#ifdef HAVE_FCHOWN if (uid == (uid_t)-1) uid = getuid(); if (gid == (gid_t)-1) gid = getgid(); - (void) chown(dir, uid, gid); + (void) fchown(fd, uid, gid); +#endif + +#ifdef HAVE_FCHMOD + (void) fchmod(fd, m); #endif -#ifdef HAVE_CHMOD - chmod(dir, m); + pa_assert_se(pa_close(fd) >= 0); + #endif #ifdef HAVE_LSTAT @ 1.5 log @Add fix for symlink race reported in CVE-2009-1299 taken from Lennart Poettering's GIT repository. @ text @d1 1 a1 1 $NetBSD$ @ 1.5.2.1 log @file patch-bb was added on branch pkgsrc-2010Q2 on 2010-07-25 13:16:12 +0000 @ text @d1 67 @ 1.5.2.2 log @Pullup ticket 3182 - requested by tron security patch Revisions pulled up: - pkgsrc/audio/pulseaudio/Makefile 1.38 - pkgsrc/audio/pulseaudio/distinfo 1.21 Files added: pkgsrc/audio/pulseaudio/patches/patch-ba pkgsrc/audio/pulseaudio/patches/patch-bb ------------------------------------------------------------------------- Module Name: pkgsrc Committed By: tron Date: Sat Jul 24 12:51:09 UTC 2010 Modified Files: pkgsrc/audio/pulseaudio: Makefile distinfo Added Files: pkgsrc/audio/pulseaudio/patches: patch-ba patch-bb Log Message: Add fix for symlink race reported in CVE-2009-1299 taken from Lennart Poettering's GIT repository. To generate a diff of this commit: cvs rdiff -u -r1.37 -r1.38 pkgsrc/audio/pulseaudio/Makefile cvs rdiff -u -r1.20 -r1.21 pkgsrc/audio/pulseaudio/distinfo cvs rdiff -u -r0 -r1.6 pkgsrc/audio/pulseaudio/patches/patch-ba cvs rdiff -u -r0 -r1.5 pkgsrc/audio/pulseaudio/patches/patch-bb @ text @a0 67 $NetBSD: patch-bb,v 1.5 2010/07/24 12:51:09 tron Exp $ Fix for security vulnerability reported in CVE-2009-1299, taken from here: http://git.0pointer.de/?p=pulseaudio.git;a=patch;h=d3efa43d85ac132c6a5a416a2b6f2115f5d577ee --- src/pulsecore/core-util.c.orig 2009-11-23 03:57:07.000000000 +0000 +++ src/pulsecore/core-util.c 2010-07-24 13:33:30.000000000 +0100 @@@@ -196,7 +196,7 @@@@ /** Creates a directory securely */ int pa_make_secure_dir(const char* dir, mode_t m, uid_t uid, gid_t gid) { struct stat st; - int r, saved_errno; + int r, saved_errno, fd; pa_assert(dir); @@@@ -214,16 +214,45 @@@@ if (r < 0 && errno != EEXIST) return -1; -#ifdef HAVE_CHOWN +#ifdef HAVE_FSTAT + if ((fd = open(dir, +#ifdef O_CLOEXEC + O_CLOEXEC| +#endif +#ifdef O_NOCTTY + O_NOCTTY| +#endif +#ifdef O_NOFOLLOW + O_NOFOLLOW| +#endif + O_RDONLY)) < 0) + goto fail; + + if (fstat(fd, &st) < 0) { + pa_assert_se(pa_close(fd) >= 0); + goto fail; + } + + if (!S_ISDIR(st.st_mode)) { + pa_assert_se(pa_close(fd) >= 0); + errno = EEXIST; + goto fail; + } + +#ifdef HAVE_FCHOWN if (uid == (uid_t)-1) uid = getuid(); if (gid == (gid_t)-1) gid = getgid(); - (void) chown(dir, uid, gid); + (void) fchown(fd, uid, gid); +#endif + +#ifdef HAVE_FCHMOD + (void) fchmod(fd, m); #endif -#ifdef HAVE_CHMOD - chmod(dir, m); + pa_assert_se(pa_close(fd) >= 0); + #endif #ifdef HAVE_LSTAT @ 1.4 log @gc old patches, no longer necessary for pa 0.9.21 @ text @d1 1 a1 1 $NetBSD: patch-bb,v 1.3 2008/12/23 19:29:29 jmcneill Exp $ d3 14 a16 5 --- src/pulsecore/atomic.h.orig 2008-09-03 17:13:44.000000000 -0400 +++ src/pulsecore/atomic.h 2008-12-23 14:13:35.000000000 -0500 @@@@ -107,6 +107,85 @@@@ static inline pa_bool_t pa_atomic_ptr_cm return __sync_bool_compare_and_swap(&a->value, (long) old_p, (long) new_p); } d18 46 a63 78 +#elif defined(__NetBSD__) && defined(HAVE_SYS_ATOMIC_H) + +/* NetBSD 5.0+ atomic_ops(3) implementation */ + +#include + +typedef struct pa_atomic { + volatile unsigned int value; +} pa_atomic_t; + +#define PA_ATOMIC_INIT(v) { .value = (unsigned int) (v) } + +static inline int pa_atomic_load(const pa_atomic_t *a) { + membar_sync(); + return (int) a->value; +} + +static inline void pa_atomic_store(pa_atomic_t *a, int i) { + a->value = (unsigned int) i; + membar_sync(); +} + +/* Returns the previously set value */ +static inline int pa_atomic_add(pa_atomic_t *a, int i) { + int nv = (int)atomic_add_int_nv(&a->value, i); + return nv - i; +} + +/* Returns the previously set value */ +static inline int pa_atomic_sub(pa_atomic_t *a, int i) { + int nv = (int)atomic_add_int_nv(&a->value, -i); + return nv + i; +} + +/* Returns the previously set value */ +static inline int pa_atomic_inc(pa_atomic_t *a) { + int nv = (int)atomic_inc_uint_nv(&a->value); + return nv - 1; +} + +/* Returns the previously set value */ +static inline int pa_atomic_dec(pa_atomic_t *a) { + int nv = (int)atomic_dec_uint_nv(&a->value); + return nv + 1; +} + +/* Returns TRUE when the operation was successful. */ +static inline pa_bool_t pa_atomic_cmpxchg(pa_atomic_t *a, int old_i, int new_i) { + unsigned int r = atomic_cas_uint(&a->value, (unsigned int) old_i, (unsigned int) new_i); + if ((int) r == old_i) + return TRUE; + else + return FALSE; +} + +typedef struct pa_atomic_ptr { + volatile void *value; +} pa_atomic_ptr_t; + +#define PA_ATOMIC_PTR_INIT(v) { .value = (v) } + +static inline void* pa_atomic_ptr_load(const pa_atomic_ptr_t *a) { + membar_sync(); + return (void *) a->value; +} + +static inline void pa_atomic_ptr_store(pa_atomic_ptr_t *a, void *p) { + a->value = p; + membar_sync(); +} + +static inline pa_bool_t pa_atomic_ptr_cmpxchg(pa_atomic_ptr_t *a, void *old_p, void* new_p) { + void *r = atomic_cas_ptr(&a->value, old_p, new_p); + if (r == old_p) + return TRUE; + else + return FALSE; +} d65 1 a65 1 #elif defined(__GNUC__) && (defined(__amd64__) || defined(__x86_64__)) d67 1 a67 1 #warn "The native atomic operations implementation for AMD64 has not been tested thoroughly. libatomic_ops is known to not work properly on AMD64 and your gcc version is too old for the gcc-builtin atomic ops support. You have three options now: test the native atomic operations implementation for AMD64, fix libatomic_ops, or upgrade your GCC." @ 1.3 log @Fix build on NetBSD 4.0. @ text @d1 1 a1 1 $NetBSD$ @ 1.2 log @Make NetBSD native atomic ops support work. @ text @d4 1 a4 1 +++ src/pulsecore/atomic.h 2008-12-20 12:35:13.000000000 -0500 d9 1 a9 1 +#elif defined(NETBSD_ATOMIC_OPS) @ 1.1 log @Implement support for atomic_ops(3) backend. This gives us native atomic operations on NetBSD 5.0 and later systems. Use GCC's builtin atomic operations when possible and libatomic_ops as a last case fallback. @ text @d3 3 a5 3 --- src/pulsecore/atomic.h.orig 2008-09-03 23:13:44.000000000 +0200 +++ src/pulsecore/atomic.h @@@@ -107,6 +107,81 @@@@ static inline pa_bool_t pa_atomic_ptr_cm d33 2 a34 1 + return (int) atomic_add_int_nv(&a->value, i); d39 2 a40 1 + return (int) atomic_add_int_nv(&a->value, -i); d45 2 a46 1 + return (int) atomic_inc_uint_nv(&a->value); d51 2 a52 1 + return (int) atomic_dec_uint_nv(&a->value); @