summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeroen Roovers <jer@gentoo.org>2010-10-22 16:45:21 +0000
committerJeroen Roovers <jer@gentoo.org>2010-10-22 16:45:21 +0000
commit60a546cb94e42c2ba10909effdb55babffeea3cb (patch)
tree2780c781649697cf984f45bfb82e7105fda5ddfa /net-libs/libsmi
parentFix buffer overflows wrt bug 338180. Thanks to Diego for the report. Fix impl... (diff)
downloadgentoo-2-60a546cb94e42c2ba10909effdb55babffeea3cb.tar.gz
gentoo-2-60a546cb94e42c2ba10909effdb55babffeea3cb.tar.bz2
gentoo-2-60a546cb94e42c2ba10909effdb55babffeea3cb.zip
Patch for bug #342127.
(Portage version: 2.2_rc99/cvs/Linux i686)
Diffstat (limited to 'net-libs/libsmi')
-rw-r--r--net-libs/libsmi/ChangeLog10
-rw-r--r--net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch21
-rw-r--r--net-libs/libsmi/libsmi-0.4.8-r1.ebuild38
3 files changed, 67 insertions, 2 deletions
diff --git a/net-libs/libsmi/ChangeLog b/net-libs/libsmi/ChangeLog
index 00c654fb9746..21eaffaf87dd 100644
--- a/net-libs/libsmi/ChangeLog
+++ b/net-libs/libsmi/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for net-libs/libsmi
-# Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/ChangeLog,v 1.29 2009/02/20 18:55:13 armin76 Exp $
+# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/ChangeLog,v 1.30 2010/10/22 16:45:20 jer Exp $
+
+*libsmi-0.4.8-r1 (22 Oct 2010)
+
+ 22 Oct 2010; Jeroen Roovers <jer@gentoo.org> +libsmi-0.4.8-r1.ebuild,
+ +files/libsmi-0.4.8-CVE-2010-2891.patch:
+ Patch for bug #342127.
20 Feb 2009; Raúl Porcel <armin76@gentoo.org> libsmi-0.4.8.ebuild:
Add ~arm/~s390/~sh wrt #247076
diff --git a/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch b/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch
new file mode 100644
index 000000000000..114431d00e31
--- /dev/null
+++ b/net-libs/libsmi/files/libsmi-0.4.8-CVE-2010-2891.patch
@@ -0,0 +1,21 @@
+Index: lib/smi.c
+===================================================================
+--- lib/smi.c (revision 29144)
++++ lib/smi.c (working copy)
+@@ -1793,10 +1793,15 @@
+ }
+
+ if (isdigit((int)node2[0])) {
+- for (oidlen = 0, p = strtok(node2, ". "); p;
++ for (oidlen = 0, p = strtok(node2, ". ");
++ p && oidlen < sizeof(oid)/sizeof(oid[0]);
+ oidlen++, p = strtok(NULL, ". ")) {
+ oid[oidlen] = strtoul(p, NULL, 0);
+ }
++ if (p) {
++ /* the numeric OID is too long */
++ return NULL;
++ }
+ nodePtr = getNode(oidlen, oid);
+ if (nodePtr) {
+ if (modulePtr) {
diff --git a/net-libs/libsmi/libsmi-0.4.8-r1.ebuild b/net-libs/libsmi/libsmi-0.4.8-r1.ebuild
new file mode 100644
index 000000000000..330c43daaaee
--- /dev/null
+++ b/net-libs/libsmi/libsmi-0.4.8-r1.ebuild
@@ -0,0 +1,38 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-libs/libsmi/libsmi-0.4.8-r1.ebuild,v 1.1 2010/10/22 16:45:20 jer Exp $
+
+EAPI="2"
+
+inherit eutils flag-o-matic
+
+DESCRIPTION="A Library to Access SMI MIB Information"
+SRC_URI="ftp://ftp.ibr.cs.tu-bs.de/pub/local/${PN}/${P}.tar.gz"
+HOMEPAGE="http://www.ibr.cs.tu-bs.de/projects/libsmi"
+
+LICENSE="BSD"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE=""
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-CVE-2010-2891.patch
+}
+
+src_configure() {
+ replace-flags -O? -O2
+ econf
+}
+
+src_test() {
+ # sming test is known to fail and some other fail if LC_ALL!=C:
+ # http://mail.ibr.cs.tu-bs.de/pipermail/libsmi/2008-March/001014.html
+ sed -i '/^[[:space:]]*smidump-sming.test \\$/d' test/Makefile
+ LC_ALL=C emake -j1 check || die "Make check failed. See above for details."
+}
+
+src_install () {
+ emake DESTDIR="${D}" install || die
+ dodoc smi.conf-example ANNOUNCE ChangeLog README THANKS TODO \
+ doc/{*.txt,smi.dia,smi.dtd,smi.xsd}
+}