fix another instance of buffer overflow for files with long names(#632384), Fix some invalid manpage references (#624612), ship star.4 manpage with star format description

This commit is contained in:
Ondřej Vašík 2010-09-15 14:30:19 +02:00
parent 661b7e335a
commit 036119cd77
3 changed files with 83 additions and 4 deletions

View File

@ -10,3 +10,12 @@ diff -urNp star-1.5.1-orig/star/longnames.c star-1.5.1/star/longnames.c
return (TRUE);
}
@@ -198,7 +198,7 @@ name_to_tcb(info, ptb)
if (add)
strcatl(ptb->dbuf.t_name, &np[1], "/", (char *)NULL);
else
- strcpy(ptb->dbuf.t_name, &np[1]);
+ strncpy(ptb->dbuf.t_name, &np[1], props.pr_maxsname);
strncpy(ptb->dbuf.t_prefix, name, np - name);
info->f_flags |= F_SPLIT_NAME;
return (TRUE);

View File

@ -0,0 +1,56 @@
diff -urNp star-1.5.1-orig/star/spax.1 star-1.5.1/star/spax.1
--- star-1.5.1-orig/star/spax.1 2009-04-10 23:51:50.000000000 +0200
+++ star-1.5.1/star/spax.1 2010-08-17 13:32:38.246788583 +0200
@@ -4043,7 +4043,7 @@ Interfaces volume of IEEE Std 1003.1-200
.BR chown (2),
.BR creat (2),
.BR mkdir (2),
-.BR mkfifo (2),
+.BR mkfifo (3),
.BR stat (2),
.BR utime (2),
.BR write (2).
@@ -4095,7 +4095,7 @@ entry is added to the ENVIRONMENT VARIAB
IEEE PASC Interpretation 1003.2 #168 is applied, clarifying that
.BR mkdir (2)
and
-.BR mkfifo (2)
+.BR mkfifo (3)
calls can ignore an [EEXIST] error when
extracting an archive.
.PP
diff -urNp star-1.5.1-orig/star/star.1 star-1.5.1/star/star.1
--- star-1.5.1-orig/star/star.1 2009-06-02 20:49:21.000000000 +0200
+++ star-1.5.1/star/star.1 2010-08-17 13:34:50.524789662 +0200
@@ -4615,20 +4615,18 @@ cron script).
Is used for the intercative user interface.
.SH "SEE ALSO"
.BR spax (1),
-.BR suntar (1),
-.BR scpio (1),
.BR tar (1),
.BR cpio (1),
.BR pax (1),
.BR rcp (1),
.BR mt (1),
-.BR rmt (1),
+.BR rmt (8),
.BR match (1),
.BR dd (1),
.BR sdd (1),
.BR rsh (1),
.BR ssh (1),
-.BR star (4/5),
+.BR star (4),
.BR rcmd (3),
.BR fssnap (1m)
.SH DIAGNOSTICS
@@ -4951,7 +4949,7 @@ is installed suid root,
.B star
is able to make connections to remote archives for non root users.
This is done by using the
-rcmd(3) interface to get a connection to a rmt(1) server.
+rcmd(3) interface to get a connection to a rmt(8) server.
.PP
.B Star
resets its effective uid back to the real user id immediately after setting up

View File

@ -4,7 +4,7 @@
Summary: An archiving tool with ACL support
Name: star
Version: 1.5.1
Release: 2%{?dist}
Release: 4%{?dist}
URL: http://cdrecord.berlios.de/old/private/star.html
Source: ftp://ftp.berlios.de/pub/star/%{name}-%{version}.tar.bz2
@ -18,6 +18,8 @@ Patch3: star-1.5-changewarnSegv.patch
Patch4: star-1.5-stdioconflict.patch
#Prevent buffer overflow for filenames with length of 100 characters (#556664)
Patch5: star-1.5.1-bufferoverflow.patch
#Fix some invalid manpage references (#624612)
Patch6: star-1.5.1-manpagereferences.patch
License: CDDL
Group: Applications/Archiving
@ -38,9 +40,12 @@ and can restore individual files from the archive. Star supports ACL.
%patch3 -p1 -b .changewarnSegv
%patch4 -p1 -b .stdio
%patch5 -p1 -b .namesoverflow
%patch6 -p1 -b .references
cp -a star/all.mk star/Makefile
iconv -f iso_8859-1 -t utf-8 AN-1.5 >AN-1.5_utf8
mv AN-1.5_utf8 AN-1.5
iconv -f iso_8859-1 -t utf-8 star/star.4 >star/star.4_utf8
mv star/star.4_utf8 star/star.4
cp -a READMEs/README.linux .
for PLAT in %{arm} x86_64 ppc64 s390 s390x sh3 sh4 sh4a sparcv9; do
@ -70,11 +75,11 @@ CONFFLAGS="%{_target_platform} --prefix=%{_prefix} \
%install
export MAKEPROG=gmake
rm -rf ${RPM_BUILD_ROOT}
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1
mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man4
%makeinstall RPM_INSTALLDIR=${RPM_BUILD_ROOT} PARCH=%{_target_cpu} K_ARCH=%{_target_cpu} < /dev/null
rm -rf ${RPM_BUILD_ROOT}/usr/share/man
rm -rf ${RPM_BUILD_ROOT}/usr/share/doc/rmt
mv ${RPM_BUILD_ROOT}/usr/man ${RPM_BUILD_ROOT}%{_mandir}
mv ${RPM_BUILD_ROOT}/usr/man/man5/star.5 ${RPM_BUILD_ROOT}%{_mandir}/man4/star.4
mv ${RPM_BUILD_ROOT}/usr/man/* ${RPM_BUILD_ROOT}%{_mandir}
ln -s star.1.gz ${RPM_BUILD_ROOT}%{_mandir}/man1/ustar.1
# XXX Nuke unpackaged files.
@ -110,8 +115,17 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man1/star.1*
%{_mandir}/man1/spax.1*
%{_mandir}/man1/ustar.1*
%{_mandir}/man4/star.4*
%changelog
* Wed Sep 15 2010 Ondrej Vasik <ovasik@redhat.com> 1.5.1-4
- fix another instance of buffer overflow for files with
long names(#632384)
* Tue Aug 17 2010 Ondrej Vasik <ovasik@redhat.com> 1.5.1-3
- Fix some invalid manpage references (#624612)
- ship star.4 manpage with star format description
* Wed Feb 03 2010 Ondrej Vasik <ovasik@redhat.com> 1.5.1-2
- fix buffer overflow for files with names of length
100 chars(#556664)