diff options
author | delphij <delphij@FreeBSD.org> | 2016-10-10 07:18:54 +0000 |
---|---|---|
committer | delphij <delphij@FreeBSD.org> | 2016-10-10 07:18:54 +0000 |
commit | b076c99bf1ecb467a4e2e244d8c83703ade48a57 (patch) | |
tree | f0f11145ec819dbc441fac37a4cdf72cdcdf34da /usr.sbin | |
parent | 732e3790c641745d1af66fb12949ce9727cc2923 (diff) | |
download | FreeBSD-src-b076c99bf1ecb467a4e2e244d8c83703ade48a57.zip FreeBSD-src-b076c99bf1ecb467a4e2e244d8c83703ade48a57.tar.gz |
Fix bspatch heap overflow vulnerability. [SA-16:29]
Fix multiple portsnap vulnerabilities. [SA-16:30]
Fix multiple libarchive vulnerabilities. [SA-16:31]
Approved by: so
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/portsnap/portsnap/portsnap.sh | 15 |
1 files changed, 11 insertions, 4 deletions
diff --git a/usr.sbin/portsnap/portsnap/portsnap.sh b/usr.sbin/portsnap/portsnap/portsnap.sh index 90a875e..176dc13 100644 --- a/usr.sbin/portsnap/portsnap/portsnap.sh +++ b/usr.sbin/portsnap/portsnap/portsnap.sh @@ -646,7 +646,7 @@ fetch_index_sanity() { # Verify a list of files fetch_snapshot_verify() { while read F; do - if [ "`gunzip -c snap/${F} | ${SHA256} -q`" != ${F} ]; then + if [ "`gunzip -c < snap/${F}.gz | ${SHA256} -q`" != ${F} ]; then echo "snapshot corrupt." return 1 fi @@ -681,11 +681,18 @@ fetch_snapshot() { cut -f 2 -d '|' tINDEX.new | fetch_snapshot_verify || return 1 # Extract the index rm -f INDEX.new - gunzip -c snap/`look INDEX tINDEX.new | + gunzip -c < snap/`look INDEX tINDEX.new | cut -f 2 -d '|'`.gz > INDEX.new fetch_index_sanity || return 1 # Verify the snapshot contents cut -f 2 -d '|' INDEX.new | fetch_snapshot_verify || return 1 + cut -f 2 -d '|' tINDEX.new INDEX.new | sort -u > files.expected + find snap -mindepth 1 | sed -E 's^snap/(.*)\.gz^\1^' | sort > files.snap + if ! cmp -s files.expected files.snap; then + echo "unexpected files in snapshot." + return 1 + fi + rm files.expected files.snap echo "done." # Move files into their proper locations @@ -777,7 +784,7 @@ fetch_update() { # Extract the index echo -n "Extracting index... " 1>${QUIETREDIR} - gunzip -c files/`look INDEX tINDEX.new | + gunzip -c < files/`look INDEX tINDEX.new | cut -f 2 -d '|'`.gz > INDEX.new fetch_index_sanity || return 1 @@ -897,7 +904,7 @@ extract_make_index() { echo -n "$1 not provided by portsnap server; " echo "$2 not being generated." else - gunzip -c "${WORKDIR}/files/`look $1 ${WORKDIR}/tINDEX | + gunzip -c < "${WORKDIR}/files/`look $1 ${WORKDIR}/tINDEX | cut -f 2 -d '|'`.gz" | cat - ${LOCALDESC} | ${MKINDEX} /dev/stdin > ${PORTSDIR}/$2 |