summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2006-06-10 12:49:56 +0000
committerMike Frysinger <vapier@gentoo.org>2006-06-10 12:49:56 +0000
commit83dda3710730a46a6dd36bb69681076a4e964ca2 (patch)
tree122fc4e81564e50cb6aace85f21210473e88c8d3 /games-action
parentMove /lib/cpp creation to pkg_postinst (bug #135862) (diff)
downloadgentoo-2-83dda3710730a46a6dd36bb69681076a4e964ca2.tar.gz
gentoo-2-83dda3710730a46a6dd36bb69681076a4e964ca2.tar.bz2
gentoo-2-83dda3710730a46a6dd36bb69681076a4e964ca2.zip
Fix remote crash #136222.
(Portage version: 2.1)
Diffstat (limited to 'games-action')
-rw-r--r--games-action/0verkill/0verkill-0.16-r3.ebuild61
-rw-r--r--games-action/0verkill/ChangeLog10
-rw-r--r--games-action/0verkill/files/0verkill-0.16-underflow-check.patch17
-rw-r--r--games-action/0verkill/files/digest-0verkill-0.16-r31
4 files changed, 87 insertions, 2 deletions
diff --git a/games-action/0verkill/0verkill-0.16-r3.ebuild b/games-action/0verkill/0verkill-0.16-r3.ebuild
new file mode 100644
index 000000000000..caa220763fed
--- /dev/null
+++ b/games-action/0verkill/0verkill-0.16-r3.ebuild
@@ -0,0 +1,61 @@
+# Copyright 1999-2006 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/games-action/0verkill/0verkill-0.16-r3.ebuild,v 1.1 2006/06/10 12:49:56 vapier Exp $
+
+inherit eutils games
+
+DESCRIPTION="A bloody 2D action deathmatch-like game in ASCII-ART"
+HOMEPAGE="http://artax.karlin.mff.cuni.cz/~brain/0verkill/"
+SRC_URI="http://artax.karlin.mff.cuni.cz/~brain/0verkill/release/${P}.tgz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc sparc x86"
+IUSE="X"
+
+DEPEND="X? ( || ( x11-libs/libXpm virtual/x11 ) )"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/${PV}-docs.patch
+ epatch "${FILESDIR}"/${PV}-home-overflow.patch
+ epatch "${FILESDIR}"/${PV}-gentoo-paths.patch
+ epatch "${FILESDIR}"/${P}-underflow-check.patch #136222
+ sed -i \
+ -e "s:data/:${GAMES_DATADIR}/${PN}/data/:" cfg.h \
+ || die "sed failed"
+ sed -i \
+ -e "s:@CFLAGS@ -O3 :@CFLAGS@ :" Makefile.in \
+ || die "sed failed"
+}
+
+src_compile() {
+ egamesconf $(use_with X x) || die
+ emake || die "emake failed"
+}
+
+src_install() {
+ local x
+ dogamesbin 0verkill || die
+ for x in avi bot editor server test_server ; do
+ newgamesbin ${x} 0verkill-${x} || die ${x}
+ done
+ if use X ; then
+ dogamesbin x0verkill || die
+ for x in avi editor ; do
+ newgamesbin ${x} 0verkill-${x} || die ${x}
+ done
+ fi
+
+ insinto ${GAMES_DATADIR}/${PN}/data
+ doins data/* || die
+ insinto ${GAMES_DATADIR}/${PN}/grx
+ doins grx/* || die
+
+ dohtml doc/*.htm
+ rm doc/*.html doc/README.OS2 doc/Readme\ Win32.txt doc/COPYING
+ dodoc doc/*
+
+ prepgamesdirs
+}
diff --git a/games-action/0verkill/ChangeLog b/games-action/0verkill/ChangeLog
index a9e57fe8cf63..6eacb2a94a63 100644
--- a/games-action/0verkill/ChangeLog
+++ b/games-action/0verkill/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for games-action/0verkill
-# Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/games-action/0verkill/ChangeLog,v 1.12 2006/04/30 16:31:32 bazik Exp $
+# Copyright 1999-2006 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/games-action/0verkill/ChangeLog,v 1.13 2006/06/10 12:49:56 vapier Exp $
+
+*0verkill-0.16-r3 (10 Jun 2006)
+
+ 10 Jun 2006; Mike Frysinger <vapier@gentoo.org>
+ +files/0verkill-0.16-underflow-check.patch, +0verkill-0.16-r3.ebuild:
+ Fix remote crash #136222.
30 Apr 2006; Sven Blumenstein <bazik@gentoo.org> 0verkill-0.16-r2.ebuild:
Added sparc keyword.
diff --git a/games-action/0verkill/files/0verkill-0.16-underflow-check.patch b/games-action/0verkill/files/0verkill-0.16-underflow-check.patch
new file mode 100644
index 000000000000..d0af396deafd
--- /dev/null
+++ b/games-action/0verkill/files/0verkill-0.16-underflow-check.patch
@@ -0,0 +1,17 @@
+The vulnerability is cause due to an integer underflow error in "recv_packet()"
+within the handling of a received UDP packet. This can be exploited to cause
+out-of-bounds memory access which crashes the server process via a UDP packet
+that is smaller than 12 bytes in size.
+
+http://bugs.gentoo.org/136222
+
+--- 0verkill-0.16/net.c
++++ 0verkill-0.16/net.c
+@@ -84,6 +84,7 @@
+ p=mem_alloc(max_len+12);
+ if (!p)return -1; /* not enough memory */
+ retval=recvfrom(fd,p,max_len+12,0,addr,addr_len);
++ if (retval<12)return -1; /* not enough data from network */
+ memcpy(packet,p+12,max_len);
+ crc=p[0]+(p[1]<<8)+(p[2]<<16)+(p[3]<<24);
+ s=p[4]+(p[5]<<8)+(p[6]<<16)+(p[7]<<24);
diff --git a/games-action/0verkill/files/digest-0verkill-0.16-r3 b/games-action/0verkill/files/digest-0verkill-0.16-r3
new file mode 100644
index 000000000000..d7375b8806ba
--- /dev/null
+++ b/games-action/0verkill/files/digest-0verkill-0.16-r3
@@ -0,0 +1 @@
+MD5 814097fc21a82723a40ec8ae5dd792a7 0verkill-0.16.tgz 276579