[arch-commits] Commit in libxdg-basedir/trunk (2 files)

Fri, 14 Nov 2014 01:44:10 -0800 

    Date: Friday, November 14, 2014 @ 10:43:03
  Author: ronald
Revision: 122550

upgpkg: libxdg-basedir 1.2.0-3

fix buffer overflow FS#39490

Added:
  libxdg-basedir/trunk/xdgGetRelativeHome-overflow.patch
Modified:
  libxdg-basedir/trunk/PKGBUILD

-----------------------------------+
 PKGBUILD                          |   15 ++++++++++++---
 xdgGetRelativeHome-overflow.patch |   11 +++++++++++
 2 files changed, 23 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2014-11-14 09:35:26 UTC (rev 122549)
+++ PKGBUILD    2014-11-14 09:43:03 UTC (rev 122550)
@@ -3,20 +3,29 @@
 
 pkgname=libxdg-basedir
 pkgver=1.2.0
-pkgrel=2
+pkgrel=3
 pkgdesc="An implementation of the XDG Base Directory specifications."
 arch=('i686' 'x86_64')
-url="http://n.ethz.ch/student/nevillm/download/libxdg-basedir";
+#url="http://n.ethz.ch/student/nevillm/download/libxdg-basedir";
+url="https://github.com/devnev/$pkgname";
 license=('MIT')
 depends=('glibc')
 source=(https://github.com/devnev/$pkgname/archive/$pkgname-$pkgver.tar.gz
+        'xdgGetRelativeHome-overflow.patch'
         'LICENSE')
 sha1sums=('e671b01b17c8cf785d95dd3aefa93e7cf31e56a5'
+          '90ce224344f8075c4ce8241b8f8bf13b8968eec5'
           'c76efede60d0632d4241d718919d8b4ec62056b3')
 
+prepare() {
+   cd "${srcdir}/$pkgname-$pkgname-$pkgver"
+
+#   FS#39490: Fix buffer overflow
+   patch -Np0 -i "${srcdir}/xdgGetRelativeHome-overflow.patch"
+}
+
 build() {
    cd "${srcdir}/$pkgname-$pkgname-$pkgver"
-
    ./autogen.sh --prefix=/usr
    make
 }

Added: xdgGetRelativeHome-overflow.patch
===================================================================
--- xdgGetRelativeHome-overflow.patch                           (rev 0)
+++ xdgGetRelativeHome-overflow.patch   2014-11-14 09:43:03 UTC (rev 122550)
@@ -0,0 +1,11 @@
+--- src/basedir.c.orig 2014-03-16 20:26:36.938576209 +0100
++++ src/basedir.c      2014-03-16 20:27:50.212192889 +0100
+@@ -574,7 +574,7 @@
+               unsigned int homelen;
+               if (!(home = xdgGetEnv("HOME")))
+                       return NULL;
+-              if (!(relhome = (char*)malloc((homelen = 
strlen(home))+fallbacklength))) return NULL;
++              if (!(relhome = (char*)malloc((homelen = 
strlen(home))+fallbacklength+1))) return NULL;
+               memcpy(relhome, home, homelen);
+               memcpy(relhome+homelen, relativefallback, fallbacklength+1);
+       }

Reply via email to