head 1.3; access; symbols pkgsrc-2026Q1:1.3.0.96 pkgsrc-2026Q1-base:1.3 pkgsrc-2025Q4:1.3.0.94 pkgsrc-2025Q4-base:1.3 pkgsrc-2025Q3:1.3.0.92 pkgsrc-2025Q3-base:1.3 pkgsrc-2025Q2:1.3.0.90 pkgsrc-2025Q2-base:1.3 pkgsrc-2025Q1:1.3.0.88 pkgsrc-2025Q1-base:1.3 pkgsrc-2024Q4:1.3.0.86 pkgsrc-2024Q4-base:1.3 pkgsrc-2024Q3:1.3.0.84 pkgsrc-2024Q3-base:1.3 pkgsrc-2024Q2:1.3.0.82 pkgsrc-2024Q2-base:1.3 pkgsrc-2024Q1:1.3.0.80 pkgsrc-2024Q1-base:1.3 pkgsrc-2023Q4:1.3.0.78 pkgsrc-2023Q4-base:1.3 pkgsrc-2023Q3:1.3.0.76 pkgsrc-2023Q3-base:1.3 pkgsrc-2023Q2:1.3.0.74 pkgsrc-2023Q2-base:1.3 pkgsrc-2023Q1:1.3.0.72 pkgsrc-2023Q1-base:1.3 pkgsrc-2022Q4:1.3.0.70 pkgsrc-2022Q4-base:1.3 pkgsrc-2022Q3:1.3.0.68 pkgsrc-2022Q3-base:1.3 pkgsrc-2022Q2:1.3.0.66 pkgsrc-2022Q2-base:1.3 pkgsrc-2022Q1:1.3.0.64 pkgsrc-2022Q1-base:1.3 pkgsrc-2021Q4:1.3.0.62 pkgsrc-2021Q4-base:1.3 pkgsrc-2021Q3:1.3.0.60 pkgsrc-2021Q3-base:1.3 pkgsrc-2021Q2:1.3.0.58 pkgsrc-2021Q2-base:1.3 pkgsrc-2021Q1:1.3.0.56 pkgsrc-2021Q1-base:1.3 pkgsrc-2020Q4:1.3.0.54 pkgsrc-2020Q4-base:1.3 pkgsrc-2020Q3:1.3.0.52 pkgsrc-2020Q3-base:1.3 pkgsrc-2020Q2:1.3.0.48 pkgsrc-2020Q2-base:1.3 pkgsrc-2020Q1:1.3.0.28 pkgsrc-2020Q1-base:1.3 pkgsrc-2019Q4:1.3.0.50 pkgsrc-2019Q4-base:1.3 pkgsrc-2019Q3:1.3.0.46 pkgsrc-2019Q3-base:1.3 pkgsrc-2019Q2:1.3.0.44 pkgsrc-2019Q2-base:1.3 pkgsrc-2019Q1:1.3.0.42 pkgsrc-2019Q1-base:1.3 pkgsrc-2018Q4:1.3.0.40 pkgsrc-2018Q4-base:1.3 pkgsrc-2018Q3:1.3.0.38 pkgsrc-2018Q3-base:1.3 pkgsrc-2018Q2:1.3.0.36 pkgsrc-2018Q2-base:1.3 pkgsrc-2018Q1:1.3.0.34 pkgsrc-2018Q1-base:1.3 pkgsrc-2017Q4:1.3.0.32 pkgsrc-2017Q4-base:1.3 pkgsrc-2017Q3:1.3.0.30 pkgsrc-2017Q3-base:1.3 pkgsrc-2017Q2:1.3.0.26 pkgsrc-2017Q2-base:1.3 pkgsrc-2017Q1:1.3.0.24 pkgsrc-2017Q1-base:1.3 pkgsrc-2016Q4:1.3.0.22 pkgsrc-2016Q4-base:1.3 pkgsrc-2016Q3:1.3.0.20 pkgsrc-2016Q3-base:1.3 pkgsrc-2016Q2:1.3.0.18 pkgsrc-2016Q2-base:1.3 pkgsrc-2016Q1:1.3.0.16 pkgsrc-2016Q1-base:1.3 pkgsrc-2015Q4:1.3.0.14 pkgsrc-2015Q4-base:1.3 pkgsrc-2015Q3:1.3.0.12 pkgsrc-2015Q3-base:1.3 pkgsrc-2015Q2:1.3.0.10 pkgsrc-2015Q2-base:1.3 pkgsrc-2015Q1:1.3.0.8 pkgsrc-2015Q1-base:1.3 pkgsrc-2014Q4:1.3.0.6 pkgsrc-2014Q4-base:1.3 pkgsrc-2014Q3:1.3.0.4 pkgsrc-2014Q3-base:1.3 pkgsrc-2014Q2:1.3.0.2 pkgsrc-2014Q2-base:1.3 pkgsrc-2014Q1:1.2.0.40 pkgsrc-2014Q1-base:1.2 pkgsrc-2013Q4:1.2.0.38 pkgsrc-2013Q4-base:1.2 pkgsrc-2013Q3:1.2.0.36 pkgsrc-2013Q3-base:1.2 pkgsrc-2013Q2:1.2.0.34 pkgsrc-2013Q2-base:1.2 pkgsrc-2013Q1:1.2.0.32 pkgsrc-2013Q1-base:1.2 pkgsrc-2012Q4:1.2.0.30 pkgsrc-2012Q4-base:1.2 pkgsrc-2012Q3:1.2.0.28 pkgsrc-2012Q3-base:1.2 pkgsrc-2012Q2:1.2.0.26 pkgsrc-2012Q2-base:1.2 pkgsrc-2012Q1:1.2.0.24 pkgsrc-2012Q1-base:1.2 pkgsrc-2011Q4:1.2.0.22 pkgsrc-2011Q4-base:1.2 pkgsrc-2011Q3:1.2.0.20 pkgsrc-2011Q3-base:1.2 pkgsrc-2011Q2:1.2.0.18 pkgsrc-2011Q2-base:1.2 pkgsrc-2011Q1:1.2.0.16 pkgsrc-2011Q1-base:1.2 pkgsrc-2010Q4:1.2.0.14 pkgsrc-2010Q4-base:1.2 pkgsrc-2010Q3:1.2.0.12 pkgsrc-2010Q3-base:1.2 pkgsrc-2010Q2:1.2.0.10 pkgsrc-2010Q2-base:1.2 pkgsrc-2010Q1:1.2.0.8 pkgsrc-2010Q1-base:1.2 pkgsrc-2009Q4:1.2.0.6 pkgsrc-2009Q4-base:1.2 pkgsrc-2009Q3:1.2.0.4 pkgsrc-2009Q3-base:1.2 pkgsrc-2009Q2:1.2.0.2 pkgsrc-2009Q2-base:1.2 pkgsrc-2009Q1:1.1.0.28 pkgsrc-2009Q1-base:1.1 pkgsrc-2008Q4:1.1.0.26 pkgsrc-2008Q4-base:1.1 pkgsrc-2008Q3:1.1.0.24 pkgsrc-2008Q3-base:1.1 cube-native-xorg:1.1.0.22 cube-native-xorg-base:1.1 pkgsrc-2008Q2:1.1.0.20 pkgsrc-2008Q2-base:1.1 cwrapper:1.1.0.18 pkgsrc-2008Q1:1.1.0.16 pkgsrc-2008Q1-base:1.1 pkgsrc-2007Q4:1.1.0.14 pkgsrc-2007Q4-base:1.1 pkgsrc-2007Q3:1.1.0.12 pkgsrc-2007Q3-base:1.1 pkgsrc-2007Q2:1.1.0.10 pkgsrc-2007Q2-base:1.1 pkgsrc-2007Q1:1.1.0.8 pkgsrc-2007Q1-base:1.1 pkgsrc-2006Q4:1.1.0.6 pkgsrc-2006Q4-base:1.1 pkgsrc-2006Q3:1.1.0.4 pkgsrc-2006Q3-base:1.1 pkgsrc-2006Q2:1.1.0.2; locks; strict; comment @# @; 1.3 date 2014.06.29.03.24.33; author dholland; state Exp; branches; next 1.2; commitid dAOCmZVKKArfNmGx; 1.2 date 2009.04.25.23.46.47; author gdt; state Exp; branches; next 1.1; 1.1 date 2006.07.19.19.34.37; author adrianp; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2006.07.19.19.34.37; author salo; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2006.07.30.12.14.14; author salo; state Exp; branches; next ; desc @@ 1.3 log @Assorted basic legacy code fixes - ctype.h stuff, implicit int, use standard headers, etc. "time_t" is not "long". Don't issue own declarations of standard functions. Should fix Solaris build. @ text @$NetBSD: patch-ak,v 1.2 2009/04/25 23:46:47 gdt Exp $ - use correctly - avoid string overflow --- misc.c.orig 1991-07-16 15:52:54.000000000 +0000 +++ misc.c @@@@ -41,7 +41,7 @@@@ char *str; char *p; retval = 0L; p = str; /* save for error message */ - while (isdigit(*str)) { + while (isdigit((unsigned char)*str)) { retval = retval * 10L + (*str-'0'); str++; } @@@@ -135,11 +135,17 @@@@ if available, else the short filename is char *fullpath (direntry) struct direntry *direntry; { - static char result[PATHSIZE]; + static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/ combine (result, direntry->dirlen != 0 ? direntry->dirname : "", (direntry->namlen != 0) ? direntry->lfname : direntry->fname ); + + if (strlen (result) >= PATHSIZE) { + prterror ('f', "Combined dirname and filename too long!\n"); + *result = '\0'; + } + return (result); } @ 1.2 log @Apply massive patch from PR pkgsrc/38449 by Olaf 'Rhialto' Seibert. @ text @d1 1 a1 1 $NetBSD: patch-ak,v 1.1 2006/07/19 19:34:37 adrianp Exp $ d3 4 a6 1 --- misc.c.orig 1991-07-16 17:52:54.000000000 +0200 d8 9 @ 1.1 log @Add a patch for CVE-2006-0855 via Gentoo/Fedora Bump to nb2 @ text @d1 1 a1 1 $NetBSD$ d3 1 a3 1 --- misc.c.orig 1991-07-16 16:52:54.000000000 +0100 @ 1.1.2.1 log @file patch-ak was added on branch pkgsrc-2006Q2 on 2006-07-19 19:34:37 +0000 @ text @d1 23 @ 1.1.2.2 log @Pullup ticket 1758 - requested by adrianp security fix for zoo Revisions pulled up: - pkgsrc/archivers/zoo/Makefile 1.27 - pkgsrc/archivers/zoo/distinfo 1.8 - pkgsrc/archivers/zoo/patches/patch-ak 1.1 Module Name: pkgsrc Committed By: adrianp Date: Wed Jul 19 19:34:38 UTC 2006 Modified Files: pkgsrc/archivers/zoo: Makefile distinfo Added Files: pkgsrc/archivers/zoo/patches: patch-ak Log Message: Add a patch for CVE-2006-0855 via Gentoo/Fedora Bump to nb2 @ text @a0 23 $NetBSD: patch-ak,v 1.1.2.1 2006/07/30 12:14:14 salo Exp $ --- misc.c.orig 1991-07-16 16:52:54.000000000 +0100 +++ misc.c @@@@ -135,11 +135,17 @@@@ if available, else the short filename is char *fullpath (direntry) struct direntry *direntry; { - static char result[PATHSIZE]; + static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/ combine (result, direntry->dirlen != 0 ? direntry->dirname : "", (direntry->namlen != 0) ? direntry->lfname : direntry->fname ); + + if (strlen (result) >= PATHSIZE) { + prterror ('f', "Combined dirname and filename too long!\n"); + *result = '\0'; + } + return (result); } @