Date: Thu, 12 Oct 2017 11:04:08 +0000 (UTC) From: Stefan Esser <se@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r451849 - head/security/cvechecker/files Message-ID: <201710121104.v9CB48oG036191@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: se Date: Thu Oct 12 11:04:07 2017 New Revision: 451849 URL: https://svnweb.freebsd.org/changeset/ports/451849 Log: Add post release patch (will become obsolete with next release). Added: head/security/cvechecker/files/patch-src_cvecheck.c (contents, props changed) Added: head/security/cvechecker/files/patch-src_cvecheck.c ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/security/cvechecker/files/patch-src_cvecheck.c Thu Oct 12 11:04:07 2017 (r451849) @@ -0,0 +1,49 @@ +--- src/cvecheck.c.orig 2017-03-27 16:42:38 UTC ++++ src/cvecheck.c +@@ -1170,15 +1170,11 @@ int load_watch_list(struct workstate * ws) { + rc = delete_cpe(line, ws); + if (rc) { + fprintf(stderr, " ! An error occurred while interpreting CPE on line %d\n", linenum-1); +- zero_string(line, CPELINESIZE); +- continue; + }; + } else { + rc = add_cpe(line, ws); + if (rc) { + fprintf(stderr, " ! An error occurred while interpreting CPE on line %d\n", linenum-1); +- zero_string(line, CPELINESIZE); +- continue; + }; + }; + zero_string(line, CPELINESIZE); +@@ -1366,9 +1362,9 @@ int load_cve(struct workstate * ws) { + fieldCounter = 0; + + // Split based on ':' character ++ int invalid_line = 0; + while (sscanf(bufferptr, "%[^:]s", field) == 1) { + int fieldLength = swstrlen(field); // Capture field length up front as strtok_r modifies the string +- + if (fieldCounter == 0) { + // Should be "CVE-####-####+" (CVE identifier) + char * sCVE; +@@ -1431,7 +1427,8 @@ int load_cve(struct workstate * ws) { + (strncmp(field, "/o", 2) != 0) && + (strncmp(field, "/h", 2) != 0) ) { + fprintf(stderr, " ! Error while reading in CVE entries: CPE type in line %d is not one of a/o/h\n", linenum); +- return 1; ++ invalid_line = 1; ++ break; + } + snprintf(tmpCpeId, 3, "%s", field); + +@@ -1463,7 +1460,8 @@ int load_cve(struct workstate * ws) { + bufferptr = bufferptr + fieldLength + 1; + ++fieldCounter; + } +- ++ if (invalid_line) ++ continue; + // Build the CPE up + snprintf(cpeId, CPELINESIZE, "cpe:%s:%s:%s:%s:%s:%s:%s", tmpCpeId, tmpCpeVendor, tmpCpeProduct, tmpCpeVersion, tmpCpeUpdate, tmpCpeEdition, tmpCpeLanguage); +
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201710121104.v9CB48oG036191>