summaryrefslogtreecommitdiffstats
path: root/print/ggv
diff options
context:
space:
mode:
authorsobomax <sobomax@FreeBSD.org>2002-10-18 08:25:32 +0000
committersobomax <sobomax@FreeBSD.org>2002-10-18 08:25:32 +0000
commita03257169497eb7991f582d1c37a0c9ba0c1f91a (patch)
tree80ece478c683e186b08ef6d0cc41a4dc8efa7b35 /print/ggv
parent4f634fb8fc0c6b73906686a271d5ff338b26b588 (diff)
downloadFreeBSD-ports-a03257169497eb7991f582d1c37a0c9ba0c1f91a.zip
FreeBSD-ports-a03257169497eb7991f582d1c37a0c9ba0c1f91a.tar.gz
Fix security vulnerability (the patch backported from ggv2).
Diffstat (limited to 'print/ggv')
-rw-r--r--print/ggv/Makefile4
-rw-r--r--print/ggv/files/patch-src::ps.c148
2 files changed, 149 insertions, 3 deletions
diff --git a/print/ggv/Makefile b/print/ggv/Makefile
index b78782f..c5dbf68 100644
--- a/print/ggv/Makefile
+++ b/print/ggv/Makefile
@@ -7,7 +7,7 @@
PORTNAME= ggv
PORTVERSION= 1.0.2
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= print gnome
MASTER_SITES= ${MASTER_SITE_GNOME}
MASTER_SITE_SUBDIR= sources/ggv/1.0
@@ -16,8 +16,6 @@ MAINTAINER= gnome@FreeBSD.org
RUN_DEPENDS= gs:${PORTSDIR}/print/ghostscript-gnu
-FORBIDDEN= "Security vulnerability, see bugtraq id 5808"
-
USE_X_PREFIX= yes
USE_GMAKE= yes
USE_GNOMENG= yes
diff --git a/print/ggv/files/patch-src::ps.c b/print/ggv/files/patch-src::ps.c
new file mode 100644
index 0000000..4855bfd
--- /dev/null
+++ b/print/ggv/files/patch-src::ps.c
@@ -0,0 +1,148 @@
+
+$FreeBSD$
+
+--- src/ps.c.orig Mon Jan 22 16:04:50 2001
++++ src/ps.c Fri Oct 18 11:19:55 2002
+@@ -282,7 +282,7 @@
+
+ /* Jake Hamby patch 18/3/98 */
+
+- sscanf(line, "%*s %s", text);
++ sscanf(line, "%*s %256s", text);
+ /*doc->epsf = iscomment(text, "EPSF-");*/
+ doc->epsf = iscomment(text, "EPSF"); /* Hamby - This line changed */
+ doc->beginheader = position;
+@@ -323,7 +323,7 @@
+ } else if (doc->date == NULL && iscomment(line+2, "CreationDate:")) {
+ doc->date = gettextline(line+length("%%CreationDate:"));
+ } else if (bb_set == NONE && iscomment(line+2, "BoundingBox:")) {
+- sscanf(line+length("%%BoundingBox:"), "%s", text);
++ sscanf(line+length("%%BoundingBox:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ bb_set = ATEND;
+ } else {
+@@ -355,7 +355,7 @@
+ }
+ } else if (orientation_set == NONE &&
+ iscomment(line+2, "Orientation:")) {
+- sscanf(line+length("%%Orientation:"), "%s", text);
++ sscanf(line+length("%%Orientation:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ orientation_set = ATEND;
+ } else if (strcmp(text, "Portrait") == 0) {
+@@ -366,7 +366,7 @@
+ orientation_set = 1;
+ }
+ } else if (page_order_set == NONE && iscomment(line+2, "PageOrder:")) {
+- sscanf(line+length("%%PageOrder:"), "%s", text);
++ sscanf(line+length("%%PageOrder:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ page_order_set = ATEND;
+ } else if (strcmp(text, "Ascend") == 0) {
+@@ -380,7 +380,7 @@
+ page_order_set = 1;
+ }
+ } else if (pages_set == NONE && iscomment(line+2, "Pages:")) {
+- sscanf(line+length("%%Pages:"), "%s", text);
++ sscanf(line+length("%%Pages:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ pages_set = ATEND;
+ } else {
+@@ -579,7 +579,7 @@
+ /* Do nothing */
+ } else if (doc->default_page_orientation == NONE &&
+ iscomment(line+2, "PageOrientation:")) {
+- sscanf(line+length("%%PageOrientation:"), "%s", text);
++ sscanf(line+length("%%PageOrientation:"), "%256s", text);
+ if (strcmp(text, "Portrait") == 0) {
+ doc->default_page_orientation = PORTRAIT;
+ } else if (strcmp(text, "Landscape") == 0) {
+@@ -703,7 +703,7 @@
+ /* Do nothing */
+ } else if (doc->default_page_orientation == NONE &&
+ iscomment(line+2, "PageOrientation:")) {
+- sscanf(line+length("%%PageOrientation:"), "%s", text);
++ sscanf(line+length("%%PageOrientation:"), "%256s", text);
+ if (strcmp(text, "Portrait") == 0) {
+ doc->default_page_orientation = PORTRAIT;
+ } else if (strcmp(text, "Landscape") == 0) {
+@@ -842,7 +842,7 @@
+ /* Do nothing */
+ } else if (doc->pages[doc->numpages].orientation == NONE &&
+ iscomment(line+2, "PageOrientation:")) {
+- sscanf(line+length("%%PageOrientation:"), "%s", text);
++ sscanf(line+length("%%PageOrientation:"), "%256s", text);
+ if (strcmp(text, "Portrait") == 0) {
+ doc->pages[doc->numpages].orientation = PORTRAIT;
+ } else if (strcmp(text, "Landscape") == 0) {
+@@ -874,7 +874,7 @@
+ g_free(cp);
+ } else if ((page_bb_set == NONE || page_bb_set == ATEND) &&
+ iscomment(line+2, "PageBoundingBox:")) {
+- sscanf(line+length("%%PageBoundingBox:"), "%s", text);
++ sscanf(line+length("%%PageBoundingBox:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ page_bb_set = ATEND;
+ } else {
+@@ -988,14 +988,14 @@
+ }
+ } else if (orientation_set == ATEND &&
+ iscomment(line+2, "Orientation:")) {
+- sscanf(line+length("%%Orientation:"), "%s", text);
++ sscanf(line+length("%%Orientation:"), "%256s", text);
+ if (strcmp(text, "Portrait") == 0) {
+ doc->orientation = PORTRAIT;
+ } else if (strcmp(text, "Landscape") == 0) {
+ doc->orientation = LANDSCAPE;
+ }
+ } else if (page_order_set == ATEND && iscomment(line+2, "PageOrder:")) {
+- sscanf(line+length("%%PageOrder:"), "%s", text);
++ sscanf(line+length("%%PageOrder:"), "%256s", text);
+ if (strcmp(text, "Ascend") == 0) {
+ doc->pageorder = ASCEND;
+ } else if (strcmp(text, "Descend") == 0) {
+@@ -1277,7 +1277,7 @@
+ else if IS_BEGIN("Data:") {
+ text[0] = '\0';
+ strcpy(save, line+7);
+- if (sscanf(line+length("%%BeginData:"), "%d %*s %s", &num, text) >= 1) {
++ if (sscanf(line+length("%%BeginData:"), "%d %*s %256s", &num, text) >= 1) {
+ if (strcmp(text, "Lines") == 0) {
+ for (i=0; i < num; i++) {
+ cp = fgets(line, size, fp);
+@@ -1394,7 +1394,7 @@
+ } else if (iscomment(line+7, "Data:")) {
+ text[0] = '\0';
+ strcpy(save, line+7);
+- if (sscanf(line+length("%%BeginData:"), "%d %*s %s", &num, text) >= 1) {
++ if (sscanf(line+length("%%BeginData:"), "%d %*s %256s", &num, text) >= 1) {
+ if (strcmp(text, "Lines") == 0) {
+ for (i=0; i < num; i++) {
+ cp = fgets(line, size, fp);
+@@ -1470,7 +1470,7 @@
+ } else if (iscomment(line+7, "Data:")) {
+ text[0] = '\0';
+ if (sscanf(line+length("%%BeginData:"),
+- "%d %*s %s", &num, text) >= 1) {
++ "%d %*s %256s", &num, text) >= 1) {
+ if (strcmp(text, "Lines") == 0) {
+ for (i=0; i < num; i++) {
+ fgets(line, sizeof line, from);
+@@ -1538,7 +1538,7 @@
+ } else if (iscomment(line+7, "Data:")) {
+ text[0] = '\0';
+ if (sscanf(line+length("%%BeginData:"),
+- "%d %*s %s", &num, text) >= 1) {
++ "%d %*s %256s", &num, text) >= 1) {
+ if (strcmp(text, "Lines") == 0) {
+ for (i=0; i < num; i++) {
+ fgets(line, sizeof line, from);
+@@ -1623,7 +1623,7 @@
+ g_free(comment);
+ continue;
+ }
+- sscanf(comment+length("%%Pages:"), "%s", text);
++ sscanf(comment+length("%%Pages:"), "%256s", text);
+ if (strcmp(text, "(atend)") == 0) {
+ fputs(comment, dest_file);
+ pages_atend = TRUE;
OpenPOWER on IntegriCloud