Date: Tue, 17 Feb 2015 23:50:33 +0100 From: Jan Beich <jbeich@FreeBSD.org> To: Xin LI <delphij@FreeBSD.org> Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org Subject: Re: svn commit: r379192 - in head/archivers/unzip: . files Message-ID: <lhjw-5f0m-wny@FreeBSD.org> In-Reply-To: <201502172158.t1HLwe7N060649@svn.freebsd.org> (Xin LI's message of "Tue, 17 Feb 2015 21:58:40 %2B0000 (UTC)") References: <201502172158.t1HLwe7N060649@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
--=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Xin LI <delphij@FreeBSD.org> writes: > Log: > Apply fix for CVE-2015-1315 from Marc Deslauriers > <marc.deslauriers@canonical.com>. >=20=20=20 > MFH: 2015Q1 > Approved by: so [...] > Modified: head/archivers/unzip/files/extra-iconv-patch-unix_unix.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/archivers/unzip/files/extra-iconv-patch-unix_unix.c Tue Feb 17 2= 1:32:56 2015 (r379191) > +++ head/archivers/unzip/files/extra-iconv-patch-unix_unix.c Tue Feb 17 2= 1:58:40 2015 (r379192) > @@ -76,15 +76,27 @@ > + > + slen =3D strlen(string); > + s =3D string; > -+ dlen =3D buflen =3D 2*slen; > -+ d =3D buf =3D malloc(buflen + 1); > ++ > ++ /* Make sure OUTBUFSIZ + 1 never ends up smaller than FILNAMSIZ > ++ * as this function also gets called with G.outbuf in fileio.c > ++ */ > ++ buflen =3D FILNAMSIZ; [...] Why the underlying @@ line hasn't changed if number of ++ lines increased? It makes my ICONV=3Don build fail $ make [...] --- unzipsfx --- fileio_.o: In function `do_string': fileio.c:(.text+0x14d5): undefined reference to `iso_intern' fileio.c:(.text+0x14e8): undefined reference to `oem_intern' fileio.c:(.text+0x1944): undefined reference to `iso_intern' fileio.c:(.text+0x1950): undefined reference to `oem_intern' cc: error: linker command failed with exit code 1 (use -v to see invocati= on) Index: archivers/unzip/files/extra-iconv-patch-unix_unix.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D-- archivers/unzip/files/extra-iconv-patch-unix_unix.c (revision 379194) +++ archivers/unzip/files/extra-iconv-patch-unix_unix.c (working copy) @@ -10,7 +10,7 @@ #ifdef SCO_XENIX # define SYSNDIR #else /* SCO Unix, AIX, DNIX, TI SysV, Coherent 4.x, ... */ =2D@@ -1874,3 +1877,90 @@ static void qlfix(__G__ ef_ptr, ef_len) +@@ -1874,3 +1877,102 @@ static void qlfix(__G__ ef_ptr, ef_len) } } #endif /* QLZIP */ --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQF8BAEBCgBmBQJU48W5XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREQjQ0MzY3NEM3RDIzNTc4NkUxNDkyQ0VF NEM3Nzg4MzQ3OURCRERCAAoJEOTHeINHnb3bnTIIAICE+3xRpebdSthi/r7rDi63 ZBHMzt5ySxyElq7tlwTMaiCFqpZlc+PfRMnLnMpMTL3/quu8b8Da2B6FBVbzbyye kAzTZgViOJ3YxqMmrr/0Z33Jjhurve951Yg9ql7oJfRvjz4CIel2UZLdZ2ARTUW1 bcRzOSoS2Ay6CcaKPif0xfVbEvgUcLxWzO8m9n22euV5v47v0Oo69aSab8yPaIpv 58AV9moFXNDc/V0pd8VKmKmaetJ7lhyX6Fs54CQRnTN8ZESguJ997kVIcKh8rbGd 7lA6MTml8bLITqE8gpgCRqtZ0ukFHh+g7cVEcUPAh8D6RlAEThgq/rEVVIWn+rM= =5Fo1 -----END PGP SIGNATURE----- --=-=-=--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?lhjw-5f0m-wny>