From nobody Mon Aug 19 16:08:36 2024 X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Wncw51STtz5THFn; Mon, 19 Aug 2024 16:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Wncw50vdWz4BsK; Mon, 19 Aug 2024 16:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724083717; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jUI5gCwdDSqA5mYMF8mKx8TiY2UwBqbz7Y/6pYmff50=; b=CIQGIefq3aJXnt3eiEmferkiq7uVKnvQ1imbhceTjM+vN3Kf/n2Td8T05izx8jNycM26BU rhpfUpYpv7NrVnIlIYEZia8xaZdHvoOI3F31uKwOEJrEWzNvt1FXShEQvEDzex4i6N//9w t3m20CZS2MuF37yUBVUZ2Y9JT9owQqTd6DgEiZj68+tzCMX0c/bjcngjnnYYKmPngoOJam ucLyTgXP6CuweZqX2zEOpDsoAbALq0I6jjBnSBtQvmE9wtnCFCauB2oL490ZKoquQ8zDc+ jln17ajCpwgFSBIk6imOd+rKcyr9C7NEuBhj220dX1OBRO9h85hnvdjCyTANlQ== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1724083717; a=rsa-sha256; cv=none; b=LRT139vgZ/VE6rrmvCNNdSLRmsLAqM6BdybpCzDVuM9AcpPNajMpkzQw815th4JUqGNiBQ 7sR4EPmUvebZchu5Z1aBy9NY9y/vmuVpQZXqPfFKzCWHRjFjdZP86f7TTqH7dthiShylhJ vGzj/P1bL3Tle9hoBEvloGMc9P3wAMIrrf4ygNajn7KF/SXKiv+KEp2Lmrlf6m0QuooY2V MrigRrNE8lv3sPbF5xurPHyzgYBa0FiA3R1Mo+VxnUo9z1YIIbzFzhJaqu6GI9/dx4459p Skp2zhq6nfrMdDig69cwKAYs2urK25cZyLhIPpYlhtJiNNBMOZ6ku5A45DL8+w== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1724083717; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=jUI5gCwdDSqA5mYMF8mKx8TiY2UwBqbz7Y/6pYmff50=; b=LkfvP9ccQLkdq2k9zkB/VhvYK3cSXSfBktFTQzXzFEnHT7tYeGbU/j7Cxs/hrcOgRX9p3z wCOgBY/rUTUMY90tMy4gM46ISzDEmk3PrV7yDuXUShNdn+rVUH7WTE2xVICKkKBQkybq4q hUbnqQfd92Oan4tZBCniJHzX0fM9OZFfQIogdiRyKYo61YrUjf1d9HaH+HbnYsgNZJu+i4 w3MyPTdCb+Mc3K0Z1KBUeAdYEl3CuRDoDPzD42Cwot/l6ciYhvYpsYElC5hQ5wzMtVVyOa hnOVHJYuqMpne7XcWIPK9uzWsjkJsLdxxRCQ0YusfTMJE1e4BFxt37ruXyuPSA== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4Wncw50VqxzN66; Mon, 19 Aug 2024 16:08:37 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 47JG8aDs048875; Mon, 19 Aug 2024 16:08:36 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 47JG8a4Q048872; Mon, 19 Aug 2024 16:08:36 GMT (envelope-from git) Date: Mon, 19 Aug 2024 16:08:36 GMT Message-Id: <202408191608.47JG8a4Q048872@gitrepo.freebsd.org> To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org From: Cy Schubert Subject: git: 5c23182d5fc9 - 2024Q3 - sysutils/screen*: Fix off-by-one buffer overflow List-Id: Commit messages for all branches of the ports repository List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: dev-commits-ports-all@freebsd.org Sender: owner-dev-commits-ports-all@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: cy X-Git-Repository: ports X-Git-Refname: refs/heads/2024Q3 X-Git-Reftype: branch X-Git-Commit: 5c23182d5fc90586b59c5312afb3e36d4edf389c Auto-Submitted: auto-generated The branch 2024Q3 has been updated by cy: URL: https://cgit.FreeBSD.org/ports/commit/?id=5c23182d5fc90586b59c5312afb3e36d4edf389c commit 5c23182d5fc90586b59c5312afb3e36d4edf389c Author: Cy Schubert AuthorDate: 2024-08-19 15:49:48 +0000 Commit: Cy Schubert CommitDate: 2024-08-19 16:08:32 +0000 sysutils/screen*: Fix off-by-one buffer overflow FreeBSD ncurses, as of c8b9c85ee5bb, does a strncpy() of 1024 bytes into a 1023 byte buffer supplied by screen. This section of code in ncurses was removed in 61f66a1f4403, and is not a problem since 14.0-RELEASE. But it is still a problem in 13-STABLE. Thank you to dim@ for detailed analysis and initial patch to sysutils/screen. The same patch is also applied to sysutils/screen-devel this commit. PR: 280868 (cherry picked from commit 1c7e0fd32c4ac92369dbdc15fb5abf048524a9b2) --- sysutils/screen-devel/Makefile | 7 +------ sysutils/screen-devel/files/patch-os.h | 13 +++++++++++-- sysutils/screen/Makefile | 7 +------ sysutils/screen/files/patch-os.h | 9 +++++++++ 4 files changed, 22 insertions(+), 14 deletions(-) diff --git a/sysutils/screen-devel/Makefile b/sysutils/screen-devel/Makefile index eba60db63e0c..74ddc9a27acf 100644 --- a/sysutils/screen-devel/Makefile +++ b/sysutils/screen-devel/Makefile @@ -1,6 +1,6 @@ PORTNAME= screen DISTVERSION= 5.0.0.${SCREEN_COMMIT_DATE} -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= sysutils PKGNAMESUFFIX= -devel MASTER_SITES= # @@ -51,11 +51,6 @@ CPE_VENDOR= gnu .include -.if ${ARCH} == aarch64 || ${ARCH} == armv6 || ${ARCH} == armv7 || \ - ${ARCH} == i386 || ${ARCH:Mpowerpc*} -SSP_CFLAGS?= -fno-stack-protector -.endif - GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CFLAGS+= -I${NCURSESINC} diff --git a/sysutils/screen-devel/files/patch-os.h b/sysutils/screen-devel/files/patch-os.h index bb7356858388..a03d22029f93 100644 --- a/sysutils/screen-devel/files/patch-os.h +++ b/sysutils/screen-devel/files/patch-os.h @@ -1,5 +1,14 @@ ---- os.h.orig 2024-03-26 16:41:57.000000000 -0700 -+++ os.h 2024-04-03 07:39:11.395526000 -0700 +--- os.h.orig 2024-07-27 07:09:11.000000000 -0700 ++++ os.h 2024-08-19 08:47:21.152670000 -0700 +@@ -148,7 +148,7 @@ + */ + + #ifndef TERMCAP_BUFSIZE +-# define TERMCAP_BUFSIZE 1023 ++# define TERMCAP_BUFSIZE 1024 + #endif + + /* @@ -161,6 +161,6 @@ /* Changing those you won't be able to attach to your old sessions * when changing those values in official tree don't forget to bump diff --git a/sysutils/screen/Makefile b/sysutils/screen/Makefile index a6958eede5f7..f963b853b839 100644 --- a/sysutils/screen/Makefile +++ b/sysutils/screen/Makefile @@ -1,6 +1,6 @@ PORTNAME= screen PORTVERSION= 4.9.1 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= sysutils MASTER_SITES= GNU \ ftp://ftp.gnu.org/gnu/screen/ \ @@ -52,11 +52,6 @@ CPE_VENDOR= gnu .include -.if ${ARCH} == aarch64 || ${ARCH} == armv6 || ${ARCH} == armv7 || \ - ${ARCH} == i386 || ${ARCH:Mpowerpc*} -SSP_CFLAGS?= -fno-stack-protector -.endif - GNU_CONFIGURE= yes GNU_CONFIGURE_MANPREFIX= ${PREFIX}/share CFLAGS+= -I${NCURSESINC} diff --git a/sysutils/screen/files/patch-os.h b/sysutils/screen/files/patch-os.h index 8ba9963d0e49..80e7ec3c0bcb 100644 --- a/sysutils/screen/files/patch-os.h +++ b/sysutils/screen/files/patch-os.h @@ -14,6 +14,15 @@ # define utmp utmpx # define getutent getutxent # define getutid getutxid +@@ -507,7 +509,7 @@ typedef struct fd_set { int fds_bits[1]; } fd_set; + */ + + #ifndef TERMCAP_BUFSIZE +-# define TERMCAP_BUFSIZE 1023 ++# define TERMCAP_BUFSIZE 1024 + #endif + + #ifndef MAXPATHLEN @@ -524,6 +526,6 @@ /* Changing those you won't be able to attach to your old sessions * when changing those values in official tree don't forget to bump