From nobody Mon Aug 19 16:06:09 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4WncsF3n4Nz5TH25; Mon, 19 Aug 2024 16:06:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4WncsF3G5wz49xV; Mon, 19 Aug 2024 16:06:09 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724083569; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gvrcCnMKv5/hjG3Cv1gBo6E0ajOWl3qvZVKUubZkVm4=; b=oDUogDp8bEbn6B/zPRWDsyOkvK44fPJ2J5nWgiXRmo6uCvwCi8yrXB349WFz6Pe3cJ3DgQ xwJpYIuIdjQtPlFidN9MGXirkaV0fxo7bHWyBJvQa+dX6xXYXP6YOBCzeCN7lEaSH2mpzi 9TWQzSucz42m1y0baYlcIL2YfDoCbLRVkrhiwEGy5WyyqEvgSmpGJWZhqhALRxlgmYSUtQ sfXlnpUBnSk7YP3DXm0W2YnPAa/EnZ1pqlcOBrhVLfTOHn0ItbakCmmfxdD0WuA8jS5Qo/ TeUVktu0NfTH1yHt2RudZIdnr5H9amTYyYLCDnDfA8uj0Ad/kchM8sfyPRkphA== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724083569; a=rsa-sha256; cv=none; b=iQbsuGChquvkmK0eucQSVIXmKQZnqIYYhJKoOqzbQsDR1dym8/P8rvX3Jyz5f6emWDrOHu Fd90bOGys9NBrI0s1PgZWGZDSjoLbs34+x4DQP/zN+CVI2hf27iMSXfBs1K9d9+qXrlIXC xCk491wblh54CAuFB//dIOqj1tEnw6gbnRw/CU1mlsY8FhqDPqGDBVectrkSS+XyTlYhcr ZO3i66/zkyeqRxYDk8SfhTM1KzeTolNbvp/qwU0ZepKKZXB0igM527dnaH5HEwzpKhOkgL U0tKHszamV8A5pHPyLsrQmVmtwm2C0B8cJ37ddW1+JHYkY5dxwzvA3Ey1jhHyw== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724083569; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=gvrcCnMKv5/hjG3Cv1gBo6E0ajOWl3qvZVKUubZkVm4=; b=jN7+v65ikt5m29nC4hVTPdYWGzazT0KmkOIDZx5I7/1GE2tkzkyp1fc1dMKDhpTopxg1Cb VmVkVTXa3Zw2NI13QumZ17OJlAYSreOGT6Pwu48wbaGnM2S5UURjW26bNjZutcQRUKmi1V ajXeAVGOAK7ErBigj1HFnSQM9r2D248xL4wLSU25TdxYYpCYaAI0lOoxWNlYso5Qd9teGr +sRGIFGUdoNn42jOvEbRBMPsE5mLLzPxJdjxrzyaildEtew6wmaRxpYr0v0C3uCMDLLeoA IbfB5brCGCi2lxqO2wSngh6MpfV5io2dvEmATdom+2RKf+0kMwxkOLWtFa/ynw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4WncsF2kyJzNT6; Mon, 19 Aug 2024 16:06:09 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47JG69im048394; Mon, 19 Aug 2024 16:06:09 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47JG69dd048391; Mon, 19 Aug 2024 16:06:09 GMT (envelope-from git) Date: Mon, 19 Aug 2024 16:06:09 GMT Message-Id: <202408191606.47JG69dd048391@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org From: Cy Schubert Subject: git: 1c7e0fd32c4a - main - sysutils/screen*: Fix off-by-one buffer overflow List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 1c7e0fd32c4ac92369dbdc15fb5abf048524a9b2 Auto-Submitted: auto-generated The branch main has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=1c7e0fd32c4ac92369dbdc15fb5abf048524a9b2 commit 1c7e0fd32c4ac92369dbdc15fb5abf048524a9b2 Author: Cy Schubert AuthorDate: 2024-08-19 15:49:48 +0000 Commit: Cy Schubert CommitDate: 2024-08-19 16:05:38 +0000 sysutils/screen*: Fix off-by-one buffer overflow FreeBSD ncurses, as of c8b9c85ee5bb, does a strncpy() of 1024 bytes into a 1023 byte buffer supplied by screen. This section of code in ncurses was removed in 61f66a1f4403, and is not a problem since 14.0-RELEASE. But it is still a problem in 13-STABLE. Thank you to dim@ for detailed analysis and initial patch to sysutils/screen. The same patch is also applied to sysutils/screen-devel this commit. PR: 280868 MFH: 2024Q3 --- sysutils/screen-devel/Makefile | 7 +------ sysutils/screen-devel/files/patch-os.h | 13 +++++++++++-- sysutils/screen/Makefile | 7 +------ sysutils/screen/files/patch-os.h | 9 +++++++++ 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/sysutils/screen-devel/Makefile b/sysutils/screen-devel/Makefile index eba60db63e0c..74ddc9a27acf 100644 --- a/sysutils/screen-devel/Makefile +++ b/sysutils/screen-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= screen DISTVERSION= 5.0.0.${SCREEN_COMMIT_DATE} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils PKGNAMESUFFIX= -devel MASTER_SITES= # @@ -51,11 +51,6 @@ CPE_VENDOR= gnu .include -.if ${ARCH} == aarch64 || ${ARCH} == armv6 || ${ARCH} == armv7 || \ - ${ARCH} == i386 || ${ARCH:Mpowerpc*} -SSP_CFLAGS?= -fno-stack-protector -.endif - GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CFLAGS+= -I${NCURSESINC} diff --git a/sysutils/screen-devel/files/patch-os.h b/sysutils/screen-devel/files/patch-os.h index bb7356858388..a03d22029f93 100644 --- a/sysutils/screen-devel/files/patch-os.h +++ b/sysutils/screen-devel/files/patch-os.h @@ -1,5 +1,14 @@ ---- os.h.orig 2024-03-26 16:41:57.000000000 -0700 -+++ os.h 2024-04-03 07:39:11.395526000 -0700 +--- os.h.orig 2024-07-27 07:09:11.000000000 -0700 ++++ os.h 2024-08-19 08:47:21.152670000 -0700 +@@ -148,7 +148,7 @@ + */ + + #ifndef TERMCAP_BUFSIZE +-# define TERMCAP_BUFSIZE 1023 ++# define TERMCAP_BUFSIZE 1024 + #endif + + /* @@ -161,6 +161,6 @@ /* Changing those you won't be able to attach to your old sessions * when changing those values in official tree don't forget to bump diff --git a/sysutils/screen/Makefile b/sysutils/screen/Makefile index a6958eede5f7..f963b853b839 100644 --- a/sysutils/screen/Makefile +++ b/sysutils/screen/Makefile @@ -1,6 +1,6 @@ PORTNAME= screen PORTVERSION= 4.9.1 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= sysutils MASTER_SITES= GNU \ ftp://ftp.gnu.org/gnu/screen/ \ @@ -52,11 +52,6 @@ CPE_VENDOR= gnu .include -.if ${ARCH} == aarch64 || ${ARCH} == armv6 || ${ARCH} == armv7 || \ - ${ARCH} == i386 || ${ARCH:Mpowerpc*} -SSP_CFLAGS?= -fno-stack-protector -.endif - GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CFLAGS+= -I${NCURSESINC} diff --git a/sysutils/screen/files/patch-os.h b/sysutils/screen/files/patch-os.h index 8ba9963d0e49..80e7ec3c0bcb 100644 --- a/sysutils/screen/files/patch-os.h +++ b/sysutils/screen/files/patch-os.h @@ -14,6 +14,15 @@ # define utmp utmpx # define getutent getutxent # define getutid getutxid +@@ -507,7 +509,7 @@ typedef struct fd_set { int fds_bits[1]; } fd_set; + */ + + #ifndef TERMCAP_BUFSIZE +-# define TERMCAP_BUFSIZE 1023 ++# define TERMCAP_BUFSIZE 1024 + #endif + + #ifndef MAXPATHLEN @@ -524,6 +526,6 @@ /* Changing those you won't be able to attach to your old sessions * when changing those values in official tree don't forget to bump