1 |
commit: ff36e4f6862f3949e3bfedd7bb352cd9d0602ffe |
2 |
Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Mar 30 17:02:56 2019 +0000 |
4 |
Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Mar 30 17:02:56 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ff36e4f6 |
7 |
|
8 |
mail-filter/procmail: replace patch for CVE-2014-3618 |
9 |
|
10 |
Fixes an infinite loop. |
11 |
|
12 |
Bug: https://bugs.gentoo.org/638108 |
13 |
Package-Manager: Portage-2.3.62, Repoman-2.3.12 |
14 |
Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org> |
15 |
|
16 |
.../files/procmail-3.22-CVE-2014-3618.patch | 18 ++++++++++++++++ |
17 |
.../files/procmail-3.22-CVE-2017-16844.patch | 13 +++++++++++ |
18 |
.../files/procmail-CVE-2014-3618-16844.patch | 25 ---------------------- |
19 |
...il-3.22-r13.ebuild => procmail-3.22-r14.ebuild} | 3 ++- |
20 |
4 files changed, 33 insertions(+), 26 deletions(-) |
21 |
|
22 |
diff --git a/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch b/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch |
23 |
new file mode 100644 |
24 |
index 00000000000..124d1f99685 |
25 |
--- /dev/null |
26 |
+++ b/mail-filter/procmail/files/procmail-3.22-CVE-2014-3618.patch |
27 |
@@ -0,0 +1,18 @@ |
28 |
+diff --git a/src/formisc.c b/src/formisc.c |
29 |
+index 338733b..c48df52 100644 |
30 |
+--- a/src/formisc.c |
31 |
++++ b/src/formisc.c |
32 |
+@@ -84,12 +84,11 @@ normal: *target++= *start++; |
33 |
+ case '"':*target++=delim='"';start++; |
34 |
+ } |
35 |
+ ;{ int i; |
36 |
+- do |
37 |
++ while(*start) /* anything? */ |
38 |
+ if((i= *target++= *start++)==delim) /* corresponding delimiter? */ |
39 |
+ break; |
40 |
+ else if(i=='\\'&&*start) /* skip quoted character */ |
41 |
+ *target++= *start++; |
42 |
+- while(*start); /* anything? */ |
43 |
+ } |
44 |
+ hitspc=2; |
45 |
+ } |
46 |
|
47 |
diff --git a/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch b/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch |
48 |
new file mode 100644 |
49 |
index 00000000000..5e610d723da |
50 |
--- /dev/null |
51 |
+++ b/mail-filter/procmail/files/procmail-3.22-CVE-2017-16844.patch |
52 |
@@ -0,0 +1,13 @@ |
53 |
+diff --git a/src/formisc.c b/src/formisc.c |
54 |
+index 5c2869d..54fd013 100644 |
55 |
+--- a/src/formisc.c |
56 |
++++ b/src/formisc.c |
57 |
+@@ -103,7 +103,7 @@ void loadsaved(sp)const struct saved*const sp; /* load some saved text */ |
58 |
+ } |
59 |
+ /* append to buf */ |
60 |
+ void loadbuf(text,len)const char*const text;const size_t len; |
61 |
+-{ if(buffilled+len>buflen) /* buf can't hold the text */ |
62 |
++{ while(buffilled+len>buflen) /* buf can't hold the text */ |
63 |
+ buf=realloc(buf,buflen+=Bsize); |
64 |
+ tmemmove(buf+buffilled,text,len);buffilled+=len; |
65 |
+ } |
66 |
|
67 |
diff --git a/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch b/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch |
68 |
deleted file mode 100644 |
69 |
index 4f1714063c9..00000000000 |
70 |
--- a/mail-filter/procmail/files/procmail-CVE-2014-3618-16844.patch |
71 |
+++ /dev/null |
72 |
@@ -1,25 +0,0 @@ |
73 |
---- a/src/formisc.c 2019-03-23 19:52:18.450174402 -0400 |
74 |
-+++ b/src/formisc.c 2019-03-23 19:52:47.914351039 -0400 |
75 |
-@@ -84,12 +84,11 @@ |
76 |
- case '"':*target++=delim='"';start++; |
77 |
- } |
78 |
- ;{ int i; |
79 |
-- do |
80 |
-+ while(*start); |
81 |
- if((i= *target++= *start++)==delim) /* corresponding delimiter? */ |
82 |
- break; |
83 |
- else if(i=='\\'&&*start) /* skip quoted character */ |
84 |
- *target++= *start++; |
85 |
-- while(*start); /* anything? */ |
86 |
- } |
87 |
- hitspc=2; |
88 |
- } |
89 |
-@@ -104,7 +103,7 @@ |
90 |
- } |
91 |
- /* append to buf */ |
92 |
- void loadbuf(text,len)const char*const text;const size_t len; |
93 |
--{ if(buffilled+len>buflen) /* buf can't hold the text */ |
94 |
-+{ while(buffilled+len>buflen) /* buf can't hold the text */ |
95 |
- buf=realloc(buf,buflen+=Bsize); |
96 |
- tmemmove(buf+buffilled,text,len);buffilled+=len; |
97 |
- } |
98 |
|
99 |
diff --git a/mail-filter/procmail/procmail-3.22-r13.ebuild b/mail-filter/procmail/procmail-3.22-r14.ebuild |
100 |
similarity index 97% |
101 |
rename from mail-filter/procmail/procmail-3.22-r13.ebuild |
102 |
rename to mail-filter/procmail/procmail-3.22-r14.ebuild |
103 |
index 9534c350bf8..d99a4ffde72 100644 |
104 |
--- a/mail-filter/procmail/procmail-3.22-r13.ebuild |
105 |
+++ b/mail-filter/procmail/procmail-3.22-r14.ebuild |
106 |
@@ -56,7 +56,8 @@ src_prepare() { |
107 |
eapply "${FILESDIR}/${PN}-3.22-glibc-2.10.patch" |
108 |
|
109 |
# Fix security bugs #522114 and #638108 |
110 |
- eapply "${FILESDIR}/${PN}-CVE-2014-3618-16844.patch" |
111 |
+ eapply "${FILESDIR}/${PN}-3.22-CVE-2014-3618.patch" |
112 |
+ eapply "${FILESDIR}/${PN}-3.22-CVE-2017-16844.patch" |
113 |
|
114 |
eapply "${FILESDIR}/${PN}-3.22-crash-fix.patch" |