Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 46682 Details for
Bug 74694
app-text/vilistextum-2.6.2: get_attr overflows temp buffer
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch against 2.6.7 which enables use of glibc iconv
vilistextum-2.6.8-devel.diff (text/plain), 14.36 KB, created by
Patric Mueller
on 2004-12-22 18:17:32 UTC
(
hide
)
Description:
Patch against 2.6.7 which enables use of glibc iconv
Filename:
MIME Type:
Creator:
Patric Mueller
Created:
2004-12-22 18:17:32 UTC
Size:
14.36 KB
patch
obsolete
>diff -ruw vilistextum-2.6.7/CHANGES vilistextum-2.6.8-devel/CHANGES >--- vilistextum-2.6.7/CHANGES 2004-12-20 00:05:47.000000000 +0100 >+++ vilistextum-2.6.8-devel/CHANGES 2004-12-23 03:11:52.000000000 +0100 >@@ -1,9 +1,14 @@ >+2.6.8-devel: (??.??.2005) >+ >+ - configure falls back to standard iconv() if no libiconv is found >+ - BUGFIX: three off-by-one error in get_attr found by Ewald Dieterich >+ > 2.6.7: (19.12.2004) > >- - BUGFIX: buffer overflow in get_attr found by Ariel Berkman >+ - BUGFIX: buffer overflow in get_attr() found by Ariel Berkman > - BUGFIX: compilation fix for Solaris by Fredrik Roubert > - more robust behaviour when encountering invalid byte sequences >- - added RPM-spec file by Joshua Jensen. >+ - added RPM-spec file by Joshua Jensen > > 2.6.6: (24.08.2004) > >diff -ruw vilistextum-2.6.7/config.h.in vilistextum-2.6.8-devel/config.h.in >--- vilistextum-2.6.7/config.h.in 2004-12-20 00:05:48.000000000 +0100 >+++ vilistextum-2.6.8-devel/config.h.in 2004-12-23 03:11:52.000000000 +0100 >@@ -3,6 +3,9 @@ > /* Define to 1 if you have the <getopt.h> header file. */ > #undef HAVE_GETOPT_H > >+/* Define to 1 if you have the <iconv.h> header file. */ >+#undef HAVE_ICONV_H >+ > /* Define to 1 if you have the <inttypes.h> header file. */ > #undef HAVE_INTTYPES_H > >diff -ruw vilistextum-2.6.7/configure vilistextum-2.6.8-devel/configure >--- vilistextum-2.6.7/configure 2004-12-20 00:05:32.000000000 +0100 >+++ vilistextum-2.6.8-devel/configure 2004-12-23 03:11:42.000000000 +0100 >@@ -1541,7 +1541,7 @@ > > # Define the identity of the package. > PACKAGE=vilistextum >- VERSION=2.6.7 >+ VERSION=2.6.8-devel > > > cat >>confdefs.h <<_ACEOF >@@ -1673,7 +1673,7 @@ > > > cat >>confdefs.h <<_ACEOF >-#define RELEASEDATE "19.12.2004" >+#define RELEASEDATE "??.??.2005" > _ACEOF > > >@@ -3631,6 +3631,153 @@ > > if test "$multibyte" = "yes"; then > >+for ac_header in iconv.h >+do >+as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` >+if eval "test \"\${$as_ac_Header+set}\" = set"; then >+ echo "$as_me:$LINENO: checking for $ac_header" >&5 >+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 >+if eval "test \"\${$as_ac_Header+set}\" = set"; then >+ echo $ECHO_N "(cached) $ECHO_C" >&6 >+fi >+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 >+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 >+else >+ # Is the header compilable? >+echo "$as_me:$LINENO: checking $ac_header usability" >&5 >+echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6 >+cat >conftest.$ac_ext <<_ACEOF >+#line $LINENO "configure" >+/* confdefs.h. */ >+_ACEOF >+cat confdefs.h >>conftest.$ac_ext >+cat >>conftest.$ac_ext <<_ACEOF >+/* end confdefs.h. */ >+$ac_includes_default >+#include <$ac_header> >+_ACEOF >+rm -f conftest.$ac_objext >+if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 >+ (eval $ac_compile) 2>&5 >+ ac_status=$? >+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 >+ (exit $ac_status); } && >+ { ac_try='test -s conftest.$ac_objext' >+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5 >+ (eval $ac_try) 2>&5 >+ ac_status=$? >+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 >+ (exit $ac_status); }; }; then >+ ac_header_compiler=yes >+else >+ echo "$as_me: failed program was:" >&5 >+sed 's/^/| /' conftest.$ac_ext >&5 >+ >+ac_header_compiler=no >+fi >+rm -f conftest.$ac_objext conftest.$ac_ext >+echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 >+echo "${ECHO_T}$ac_header_compiler" >&6 >+ >+# Is the header present? >+echo "$as_me:$LINENO: checking $ac_header presence" >&5 >+echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6 >+cat >conftest.$ac_ext <<_ACEOF >+#line $LINENO "configure" >+/* confdefs.h. */ >+_ACEOF >+cat confdefs.h >>conftest.$ac_ext >+cat >>conftest.$ac_ext <<_ACEOF >+/* end confdefs.h. */ >+#include <$ac_header> >+_ACEOF >+if { (eval echo "$as_me:$LINENO: \"$ac_cpp conftest.$ac_ext\"") >&5 >+ (eval $ac_cpp conftest.$ac_ext) 2>conftest.er1 >+ ac_status=$? >+ grep -v '^ *+' conftest.er1 >conftest.err >+ rm -f conftest.er1 >+ cat conftest.err >&5 >+ echo "$as_me:$LINENO: \$? = $ac_status" >&5 >+ (exit $ac_status); } >/dev/null; then >+ if test -s conftest.err; then >+ ac_cpp_err=$ac_c_preproc_warn_flag >+ else >+ ac_cpp_err= >+ fi >+else >+ ac_cpp_err=yes >+fi >+if test -z "$ac_cpp_err"; then >+ ac_header_preproc=yes >+else >+ echo "$as_me: failed program was:" >&5 >+sed 's/^/| /' conftest.$ac_ext >&5 >+ >+ ac_header_preproc=no >+fi >+rm -f conftest.err conftest.$ac_ext >+echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 >+echo "${ECHO_T}$ac_header_preproc" >&6 >+ >+# So? What about this header? >+case $ac_header_compiler:$ac_header_preproc in >+ yes:no ) >+ { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 >+echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} >+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 >+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} >+ ( >+ cat <<\_ASBOX >+## ------------------------------------ ## >+## Report this to bug-autoconf@gnu.org. ## >+## ------------------------------------ ## >+_ASBOX >+ ) | >+ sed "s/^/$as_me: WARNING: /" >&2 >+ ;; >+ no:yes ) >+ { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 >+echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} >+ { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 >+echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} >+ { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 >+echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} >+ ( >+ cat <<\_ASBOX >+## ------------------------------------ ## >+## Report this to bug-autoconf@gnu.org. ## >+## ------------------------------------ ## >+_ASBOX >+ ) | >+ sed "s/^/$as_me: WARNING: /" >&2 >+ ;; >+esac >+echo "$as_me:$LINENO: checking for $ac_header" >&5 >+echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6 >+if eval "test \"\${$as_ac_Header+set}\" = set"; then >+ echo $ECHO_N "(cached) $ECHO_C" >&6 >+else >+ eval "$as_ac_Header=$ac_header_preproc" >+fi >+echo "$as_me:$LINENO: result: `eval echo '${'$as_ac_Header'}'`" >&5 >+echo "${ECHO_T}`eval echo '${'$as_ac_Header'}'`" >&6 >+ >+fi >+if test `eval echo '${'$as_ac_Header'}'` = yes; then >+ cat >>confdefs.h <<_ACEOF >+#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 >+_ACEOF >+ >+else >+ { { echo "$as_me:$LINENO: error: Need libiconv or iconv.h for multibyte support" >&5 >+echo "$as_me: error: Need libiconv or iconv.h for multibyte support" >&2;} >+ { (exit 1); exit 1; }; } >+fi >+ >+done >+ >+ >+ > echo "$as_me:$LINENO: checking for iconv in -liconv" >&5 > echo $ECHO_N "checking for iconv in -liconv... $ECHO_C" >&6 > if test "${ac_cv_lib_iconv_iconv+set}" = set; then >@@ -3693,9 +3840,8 @@ > LIBS="-liconv $LIBS" > > else >- { { echo "$as_me:$LINENO: error: Need libiconv for multibyte support" >&5 >-echo "$as_me: error: Need libiconv for multibyte support" >&2;} >- { (exit 1); exit 1; }; } >+ { echo "$as_me:$LINENO: WARNING: only generic iconv has been found not libiconv" >&5 >+echo "$as_me: WARNING: only generic iconv has been found not libiconv" >&2;} > fi > > >diff -ruw vilistextum-2.6.7/configure.in vilistextum-2.6.8-devel/configure.in >--- vilistextum-2.6.7/configure.in 2004-12-20 00:05:14.000000000 +0100 >+++ vilistextum-2.6.8-devel/configure.in 2004-12-23 03:08:53.000000000 +0100 >@@ -1,11 +1,11 @@ > dnl Process this file with autoconf to produce a configure script. > AC_INIT(src/debug.h) >-AM_INIT_AUTOMAKE(vilistextum, 2.6.7) >+AM_INIT_AUTOMAKE(vilistextum, 2.6.8-devel) > > AM_CONFIG_HEADER(config.h) > > dnl Set current date >-AC_DEFINE_UNQUOTED(RELEASEDATE, "19.12.2004", "Release date of the program") >+AC_DEFINE_UNQUOTED(RELEASEDATE, "??.??.2005", "Release date of the program") > > dnl Checks for programs. > AC_PROG_CC >@@ -36,8 +36,11 @@ > > dnl Checks for libraries. > if test "$multibyte" = "yes"; then >+AC_CHECK_HEADERS(iconv.h,, >+ AC_MSG_ERROR(Need libiconv or iconv.h for multibyte support)) >+ > AC_CHECK_LIB(iconv, iconv,, >- AC_MSG_ERROR(Need libiconv for multibyte support)) >+ AC_MSG_WARN(only generic iconv has been found not libiconv)) > > dnl setting INTERNAL_LOCALE > AC_MSG_CHECKING(for unicode locale) >diff -ruw vilistextum-2.6.7/INSTALL vilistextum-2.6.8-devel/INSTALL >--- vilistextum-2.6.7/INSTALL 2004-04-20 12:10:18.000000000 +0200 >+++ vilistextum-2.6.8-devel/INSTALL 2004-12-22 21:49:20.000000000 +0100 >@@ -11,7 +11,7 @@ > Multibyte/Unicode version > ========================= > >-./configure --enable && make && make install >+./configure --enable-multibyte && make && make install > > The multibyte version needs libiconv. > http://www.gnu.org/software/libiconv >diff -ruw vilistextum-2.6.7/src/fileio.c vilistextum-2.6.8-devel/src/fileio.c >--- vilistextum-2.6.7/src/fileio.c 2004-12-19 22:08:08.000000000 +0100 >+++ vilistextum-2.6.8-devel/src/fileio.c 2004-12-22 21:29:34.000000000 +0100 >@@ -27,11 +27,6 @@ > #ifdef MULTIBYTE > #include <iconv.h> > #include <locale.h> >- #if defined(__sun__) >- #include <libcharset.h> >- #else >- #include <localcharset.h> >- #endif > #endif > > FILE *in, *out; >@@ -74,32 +69,42 @@ > char *inp, *outp; > int fehlernr=0; > size_t insize, outsize; >+ char *ret; > > /* set locale based on environment variables */ >- setlocale(LC_CTYPE, ""); >+ ret = setlocale(LC_CTYPE, ""); >+ if (ret==NULL) { >+ fprintf(stderr, "setlocale failed with: %s\n\n", getenv("LC_CTYPE")); >+ exit(1); >+ } > > insize = strlen(str); >+ if (insize > DEF_STR_LEN) { insize = DEF_STR_LEN; } > outsize = DEF_STR_LEN; > > inp = str; > outp = output; > > if ((conv = iconv_open("utf-8", "char"))==(iconv_t)(-1)) >- { printf("iconv_open failed in convert_string: Can't convert from %s to UTF-8?\n", locale_charset()); exit(1); } >+ { printf("iconv_open failed in convert_string: Can't convert from %s to UTF-8?\n", getenv("LC_CTYPE")); exit(1); } > > result = iconv(conv, &inp, &insize, &outp, &outsize); > fehlernr = errno; > > if (fehlernr==E2BIG) { fprintf(stderr, "errno==E2BIG\n"); } > else if (fehlernr==EILSEQ) { >- fprintf(stderr, "Can't convert '%s' as character set %s\n", str, locale_charset()); >+ fprintf(stderr, "Can't interpret '%s' as character from charset %s\n", str, getenv("LC_CTYPE")); > fprintf(stderr, "Check your language settings with locale(1)\n"); > } > else if (fehlernr==EINVAL) { fprintf(stderr, "errno==EINVAL\n"); } > > output[strlen(output)] = '\0'; > >- setlocale(LC_CTYPE, INTERNAL_LOCALE); >+ ret = setlocale(LC_CTYPE, INTERNAL_LOCALE); >+ if (ret==NULL) { >+ fprintf(stderr, "setlocale failed with: %s\n\n", INTERNAL_LOCALE); >+ exit(1); >+ } > mbstowcs(converted_string, output, strlen(output)); > > iconv_close(conv); >@@ -141,7 +146,7 @@ > fehlernr = errno; > > if (fehlernr==E2BIG) { fprintf(stderr, "errno==E2BIG\n"); } >- else if (fehlernr==EILSEQ) { fprintf(stderr, "errno==EILSEQ in output_string\n"); } >+ else if (fehlernr==EILSEQ) { fprintf(stderr, "errno==EILSEQ in output_string\n"); fprintf(stderr, "input: %s\n", inp); } > else if (fehlernr==EINVAL) { fprintf(stderr, "errno==EINVAL\n"); } > > output[DEF_STR_LEN-outsize] = '\0'; >diff -ruw vilistextum-2.6.7/src/html.c vilistextum-2.6.8-devel/src/html.c >--- vilistextum-2.6.7/src/html.c 2004-12-19 22:08:17.000000000 +0100 >+++ vilistextum-2.6.8-devel/src/html.c 2004-12-22 17:19:37.000000000 +0100 >@@ -95,9 +95,8 @@ > while ((ch!='=') && (ch!='>')) { > ch=read_char(); > if (i<DEF_STR_LEN) { attr_name[i++] = ch; } >- } >- if (i<DEF_STR_LEN) { attr_name[i-1] = '\0'; } >- else { attr_name[DEF_STR_LEN-1] = '\0'; } >+ } /* post cond: i<=DEF_STR_LEN */ >+ attr_name[i-1] = '\0'; > > if (ch=='>') { attr_ctnt[0]='\0'; return '>'; } > >@@ -116,11 +115,10 @@ > i=0; > ch=read_char(); > while(quote!=ch) { >- if (i<DEF_STR_LEN) { temp[i++] = ch; } >+ if (i<DEF_STR_LEN-1) { temp[i++] = ch; } > ch=read_char(); >- } >- if (i<DEF_STR_LEN) { temp[i] = '\0'; } >- else { temp[DEF_STR_LEN] = '\0'; } >+ } /* post cond: i<=DEF_STR_LEN-1 */ >+ temp[i] = '\0'; > ch=read_char(); > } > else >@@ -131,9 +129,8 @@ > while ((ch!='>') && (!isspace(ch))) { > ch=read_char(); > if (i<DEF_STR_LEN) { temp[i++] = ch; } >- } >- if (i<DEF_STR_LEN) { temp[i-1] = '\0'; } >- else { temp[DEF_STR_LEN-1] = '\0'; } >+ } /* post cond: i<=DEF_STR_LEN */ >+ temp[i-1] = '\0'; > } > > uppercase_str(attr_name); >diff -ruw vilistextum-2.6.7/src/html_tag.c vilistextum-2.6.8-devel/src/html_tag.c >--- vilistextum-2.6.7/src/html_tag.c 2004-12-19 22:08:20.000000000 +0100 >+++ vilistextum-2.6.8-devel/src/html_tag.c 2004-12-22 17:23:09.000000000 +0100 >@@ -52,12 +52,10 @@ > /* read html tag */ > while ((ch!='>') && (ch!=' ') && (ch!=13) && (ch!=10)) > { >- if (i<DEF_STR_LEN) { str[i] = ch; } >- i++; >+ if (i<DEF_STR_LEN-1) { str[i++] = ch; } > ch = uppercase(read_char()); >- } >- if (i>=DEF_STR_LEN) { str[DEF_STR_LEN] = '\0'; } >- else { str[i] = '\0';} >+ } /* post cond: i<=DEF_STR_LEN-1 */ >+ str[i] = '\0'; > > #ifdef debug > fprintf(stderr, "html_tag: %ls\n",str); >@@ -332,6 +330,8 @@ > else if CMP("/SCRIPT", str) {} > else if CMP("STYLE", str) {} > else if CMP("/STYLE", str) {} >+ else if CMP("TITLE", str) {} >+ else if CMP("/TITLE", str) {} > else { if (errorlevel>=2) { print_error("tag ignored: ", str);} } > } > >diff -ruw vilistextum-2.6.7/src/main.c vilistextum-2.6.8-devel/src/main.c >--- vilistextum-2.6.7/src/main.c 2004-12-19 22:08:30.000000000 +0100 >+++ vilistextum-2.6.8-devel/src/main.c 2004-12-22 17:16:05.000000000 +0100 >@@ -253,7 +253,7 @@ > case 's': > shrink_lines = atoi(argument); if (shrink_lines==0) { shrink_lines = 1; } break; > >- case 'r': remove_empty_alt = 1; /* printf("remove_empty_alt\n"); */ break; >+ case 'r': remove_empty_alt = 1; break; > case 'i': > #ifdef MULTIBYTE > convert_string(argument, user_image); >diff -ruw vilistextum-2.6.7/src/text.c vilistextum-2.6.8-devel/src/text.c >--- vilistextum-2.6.7/src/text.c 2004-12-19 22:08:41.000000000 +0100 >+++ vilistextum-2.6.8-devel/src/text.c 2004-12-22 15:43:26.000000000 +0100 >@@ -249,10 +249,12 @@ > > if (!palm) > { >+ if (wort_pos+len<DEF_STR_LEN) { > while (i<wort_pos+len) { wort[i] = s[j]; j++; i++; } > wort[i] = '\0'; > wort_pos += len; > } >+ } > > #ifdef proc_debug > printf("wort_plus_string_nocount() ende\n"); >@@ -273,9 +275,11 @@ > printf("s: %ls len: %d\n", s,len); > #endif > >+ if (wort_pos+len<DEF_STR_LEN) { > while (i<wort_pos+len) { wort[i] = s[j]; j++; i++; } > wort[i] = '\0'; > wort_pos += len; wort_len += len; >+ } > > #ifdef proc_debug > printf("wort_plus_string() ende\n");
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=46682">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 74694
:
46170
|
46171
|
46682
|
47351
|
47389
