This programs suffers severe code quality problems and should have never been added to Gentoo. It looks like a shell script badly converted to a C program with a lot of system() calls with wildcards, horribly unreadable code and broken memory management including reading past end-of-string (which only recently replaced writing into uninitialized memory). Auditing the program completely would probably be more costly than rewriting it from scratch. @security, not sure if you want to audit it. The first thing to notice is that if you pass too long distro or output file, strncpy() will leave unterminated buffer.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ccdc858713b1f18e1fab59d89deabbbcade018f7 commit ccdc858713b1f18e1fab59d89deabbbcade018f7 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2019-04-25 15:12:44 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2019-04-25 15:14:38 +0000 package.mask: Last rite app-admin/lsat Bug: https://bugs.gentoo.org/684340 Signed-off-by: Michał Górny <mgorny@gentoo.org> profiles/package.mask | 11 +++++++++++ 1 file changed, 11 insertions(+)
The bug has been closed via the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3a2400234a2cbaa6ca875377a6fd027953139954 commit 3a2400234a2cbaa6ca875377a6fd027953139954 Author: Michał Górny <mgorny@gentoo.org> AuthorDate: 2019-05-28 13:36:42 +0000 Commit: Michał Górny <mgorny@gentoo.org> CommitDate: 2019-05-28 13:36:42 +0000 app-admin/lsat: Remove last-rited pkg Closes: https://bugs.gentoo.org/684340 Signed-off-by: Michał Górny <mgorny@gentoo.org> app-admin/lsat/Manifest | 1 - app-admin/lsat/files/lsat-0.9.7.1-gentoo.patch | 42 ----------------- .../lsat/files/lsat-0.9.7.1-segfault-fix.patch | 45 ------------------ app-admin/lsat/lsat-0.9.7.1-r2.ebuild | 54 ---------------------- app-admin/lsat/metadata.xml | 15 ------ profiles/package.mask | 11 ----- 6 files changed, 168 deletions(-)
