/[gentoo-x86]/net-misc/aget/files/aget-0.4.1-r1.patch
Gentoo

Contents of /net-misc/aget/files/aget-0.4.1-r1.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1 - (show annotations) (download)
Mon Sep 20 04:08:23 2010 UTC (7 years, 10 months ago) by xmw
Branch: MAIN
CVS Tags: HEAD
Fix buffer overflow (bug #337874)
(Portage version: 2.1.8.3/cvs/Linux x86_64)

1
2 Subsequent snprintf calls treat the buffer as having size GETREQSIZ, so
3 drop the subtraction. Fix for http://bugs.gentoo.org/337874 by Kevin Pyle
4
5 --- aget-0.4.1/Aget.c
6 +++ aget-0.4.1/Aget.c
7 @@ -86,7 +86,7 @@
8 }
9
10 /* Get the starting time, prepare GET format string, and start the threads */
11 - fmt = (char *)calloc(GETREQSIZ - 2, sizeof(char));
12 + fmt = (char *)calloc(GETREQSIZ, sizeof(char));
13 time(&t_start);
14 for (i = 0; i < nthreads; i++) {
15 soffset = calc_offset(req->clength, i, nthreads);
16 @@ -139,7 +139,7 @@
17
18 nthreads = h->nthreads;
19
20 - fmt = (char *)calloc(GETREQSIZ - 2, sizeof(char));
21 + fmt = (char *)calloc(GETREQSIZ, sizeof(char));
22
23 wthread = (struct thread_data *)malloc(nthreads * sizeof(struct thread_data));
24 memcpy(req, &h->req, sizeof(struct request));
25
26 Fix useless memset that set 0 bytes to the value of GETRECVSIZ, rather
27 than setting GETRECVSIZ bytes to the value of 0. By Kevin Pyle.
28
29 --- aget-0.4.1/Download.c
30 +++ aget-0.4.1/Download.c
31 @@ -107,7 +107,7 @@
32 pthread_mutex_unlock(&bwritten_mutex);
33
34 while (td->offset < foffset) {
35 - memset(rbuf, GETRECVSIZ, 0);
36 + memset(rbuf, 0, GETRECVSIZ);
37 dr = recv(sd, rbuf, GETRECVSIZ, 0);
38 if ((td->offset + dr) > foffset)
39 dw = pwrite(td->fd, rbuf, foffset - td->offset, td->offset);
40 --- aget-0.4.1/Head.c 2010-09-20 03:41:27.236019179 +0200
41 +++ aget-0.4.1/Head.c 2010-09-20 03:43:00.087098655 +0200
42 @@ -1,5 +1,4 @@
43 #ifndef SOLARIS
44 -#define _XOPEN_SOURCE 500
45 #endif
46
47
48 --- aget-0.4.1/Misc.c
49 +++ aget-0.4.1/Misc.c
50 @@ -129,7 +129,7 @@
51 fprintf(stderr, "\t\t-h this screen\n");
52 fprintf(stderr, "\t\t-v version info\n");
53 fprintf(stderr, "\n");
54 - fprintf(stderr, "http//www.enderunix.org/aget/\n");
55 + fprintf(stderr, "http://www.enderunix.org/aget/\n");
56 }
57
58 /* reverse a given string */
59 --- aget-0.4.1/Makefile
60 +++ aget-0.4.1/Makefile
61 @@ -2,20 +2,21 @@
62 # http://www.enderunix.org/aget/
63
64 OBJS = main.o Aget.o Misc.o Head.o Signal.o Download.o Resume.o
65 -CFLAGS = -g -W
66 -LDFLAGS = -pthread
67 +CFLAGS +=
68 +LDFLAGS += -pthread
69 CC = gcc
70 STRIP = strip
71
72 -all: $(OBJS)
73 - $(CC) -o aget $(OBJS) $(LDFLAGS)
74 +all: aget
75 +aget: $(OBJS)
76 + $(LINK.o) $^ $(OUTPUT_OPTION)
77
78 strip: $(all)
79 $(STRIP) aget
80
81 install:
82 - cp -f aget /usr/local/bin/aget
83 - cp -f aget.1 /usr/share/man/man1/
84 + install -m 0755 -D aget $(DESTDIR)/usr/bin/aget
85 + install -m 0644 -D aget.1 $(DESTDIR)/usr/share/man/man1/aget.1
86
87 clean:
88 rm -f aget *.o core.* *~

  ViewVC Help
Powered by ViewVC 1.1.20