From owner-svn-ports-all@FreeBSD.ORG Tue Feb 17 22:51:15 2015 Return-Path: Delivered-To: svn-ports-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 81DA3E37 for ; Tue, 17 Feb 2015 22:51:15 +0000 (UTC) Received: from vfemail.net (nine.vfemail.net [108.76.175.9]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id BBD9915C for ; Tue, 17 Feb 2015 22:51:12 +0000 (UTC) Received: (qmail 83060 invoked by uid 89); 17 Feb 2015 22:50:58 -0000 Received: from localhost (HELO freequeue.vfemail.net) (127.0.0.1) by localhost with (DHE-RSA-AES256-SHA encrypted) SMTP; 17 Feb 2015 22:50:58 -0000 Received: (qmail 81957 invoked by uid 89); 17 Feb 2015 22:50:40 -0000 Received: by simscan 1.3.1 ppid: 81949, pid: 81953, t: 0.0036s scanners:none Received: from unknown (HELO smtp102-2.vfemail.net) (172.16.100.62) by FreeQueue with SMTP; 17 Feb 2015 22:50:40 -0000 Received: (qmail 11714 invoked by uid 89); 17 Feb 2015 22:50:50 -0000 Received: by simscan 1.4.0 ppid: 11636, pid: 11704, t: 1.0016s scanners:none Received: from unknown (HELO nil) (amJlaWNoQHZmZW1haWwubmV0@172.16.100.27) by 172.16.100.62 with ESMTPA; 17 Feb 2015 22:50:49 -0000 From: Jan Beich To: Xin LI Subject: Re: svn commit: r379192 - in head/archivers/unzip: . files References: <201502172158.t1HLwe7N060649@svn.freebsd.org> Date: Tue, 17 Feb 2015 23:50:33 +0100 In-Reply-To: <201502172158.t1HLwe7N060649@svn.freebsd.org> (Xin LI's message of "Tue, 17 Feb 2015 21:58:40 +0000 (UTC)") Message-ID: MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" Cc: svn-ports-head@freebsd.org, svn-ports-all@freebsd.org, ports-committers@freebsd.org X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Feb 2015 22:51:15 -0000 --=-=-= Content-Type: text/plain Content-Transfer-Encoding: quoted-printable Xin LI writes: > Log: > Apply fix for CVE-2015-1315 from Marc Deslauriers > . >=20=20=20 > MFH: 2015Q1 > Approved by: so [...] > Modified: head/archivers/unzip/files/extra-iconv-patch-unix_unix.c > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D > --- head/archivers/unzip/files/extra-iconv-patch-unix_unix.c Tue Feb 17 2= 1:32:56 2015 (r379191) > +++ head/archivers/unzip/files/extra-iconv-patch-unix_unix.c Tue Feb 17 2= 1:58:40 2015 (r379192) > @@ -76,15 +76,27 @@ > + > + slen =3D strlen(string); > + s =3D string; > -+ dlen =3D buflen =3D 2*slen; > -+ d =3D buf =3D malloc(buflen + 1); > ++ > ++ /* Make sure OUTBUFSIZ + 1 never ends up smaller than FILNAMSIZ > ++ * as this function also gets called with G.outbuf in fileio.c > ++ */ > ++ buflen =3D FILNAMSIZ; [...] Why the underlying @@ line hasn't changed if number of ++ lines increased? It makes my ICONV=3Don build fail $ make [...] --- unzipsfx --- fileio_.o: In function `do_string': fileio.c:(.text+0x14d5): undefined reference to `iso_intern' fileio.c:(.text+0x14e8): undefined reference to `oem_intern' fileio.c:(.text+0x1944): undefined reference to `iso_intern' fileio.c:(.text+0x1950): undefined reference to `oem_intern' cc: error: linker command failed with exit code 1 (use -v to see invocati= on) Index: archivers/unzip/files/extra-iconv-patch-unix_unix.c =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =2D-- archivers/unzip/files/extra-iconv-patch-unix_unix.c (revision 379194) +++ archivers/unzip/files/extra-iconv-patch-unix_unix.c (working copy) @@ -10,7 +10,7 @@ #ifdef SCO_XENIX # define SYSNDIR #else /* SCO Unix, AIX, DNIX, TI SysV, Coherent 4.x, ... */ =2D@@ -1874,3 +1877,90 @@ static void qlfix(__G__ ef_ptr, ef_len) +@@ -1874,3 +1877,102 @@ static void qlfix(__G__ ef_ptr, ef_len) } } #endif /* QLZIP */ --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQF8BAEBCgBmBQJU48W5XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXREQjQ0MzY3NEM3RDIzNTc4NkUxNDkyQ0VF NEM3Nzg4MzQ3OURCRERCAAoJEOTHeINHnb3bnTIIAICE+3xRpebdSthi/r7rDi63 ZBHMzt5ySxyElq7tlwTMaiCFqpZlc+PfRMnLnMpMTL3/quu8b8Da2B6FBVbzbyye kAzTZgViOJ3YxqMmrr/0Z33Jjhurve951Yg9ql7oJfRvjz4CIel2UZLdZ2ARTUW1 bcRzOSoS2Ay6CcaKPif0xfVbEvgUcLxWzO8m9n22euV5v47v0Oo69aSab8yPaIpv 58AV9moFXNDc/V0pd8VKmKmaetJ7lhyX6Fs54CQRnTN8ZESguJ997kVIcKh8rbGd 7lA6MTml8bLITqE8gpgCRqtZ0ukFHh+g7cVEcUPAh8D6RlAEThgq/rEVVIWn+rM= =5Fo1 -----END PGP SIGNATURE----- --=-=-=--