Added patch to fix the buffer overflow that kills slirpvde under fortify.

(Portage version: 2.2_rc28/cvs/Linux x86_64)

3 files changed, 59 insertions, 3 deletions

diff --git a/net-misc/vde/ChangeLog b/net-misc/vde/ChangeLog
index f72a3f3afeb1..db14340df26e 100644
--- a/net-misc/vde/ChangeLog
+++ b/net-misc/vde/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for net-misc/vde
 # Copyright 1999-2009 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/vde/ChangeLog,v 1.19 2009/04/03 17:17:21 jmbsvicetto Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/vde/ChangeLog,v 1.20 2009/04/06 19:02:06 jmbsvicetto Exp $
+
+  06 Apr 2009; Jorge Manuel B. S. Vicetto <jmbsvicetto@gentoo.org>
+  +files/vde-2.2.2-slirpvde-buffer-overflow.patch, vde-2.2.2.ebuild:
+  Added patch to fix the buffer overflow that kills slirpvde under fortify.
 
   03 Apr 2009; Jorge Manuel B. S. Vicetto <jmbsvicetto@gentoo.org>
   metadata.xml:
diff --git a/net-misc/vde/files/vde-2.2.2-slirpvde-buffer-overflow.patch b/net-misc/vde/files/vde-2.2.2-slirpvde-buffer-overflow.patch
new file mode 100644
index 000000000000..cc494e16ac46
--- /dev/null
+++ b/net-misc/vde/files/vde-2.2.2-slirpvde-buffer-overflow.patch
@@ -0,0 +1,49 @@
+From d466d77be6ec40d8d7d96050fbee5e17e7c61af9 Mon Sep 17 00:00:00 2001
+From: Ludwig Nussel <ludwig.nussel@suse.de>
+Date: Tue, 30 Sep 2008 16:59:01 +0200
+Subject: [PATCH] fix static buffer overflows
+
+---
+ src/slirpvde/slirpvde.c |   12 +++++++-----
+ 1 files changed, 7 insertions(+), 5 deletions(-)
+
+diff --git a/src/slirpvde/slirpvde.c b/src/slirpvde/slirpvde.c
+index 47512ca..016aa45 100644
+--- a/src/slirpvde/slirpvde.c
++++ b/src/slirpvde/slirpvde.c
+@@ -53,7 +53,7 @@
+ VDECONN *conn;
+ int dhcpmgmt=0;
+ static char *pidfile = NULL;
+-static char pidfile_path[_POSIX_PATH_MAX];
++static char pidfile_path[PATH_MAX];
+ int logok=0;
+ char *prog;
+ extern FILE *lfd;
+@@ -78,9 +78,11 @@ void printlog(int priority, const char *format, ...)
+ static void save_pidfile()
+ {
+ 	if(pidfile[0] != '/')
+-		strncat(pidfile_path, pidfile, PATH_MAX - strlen(pidfile_path));
+-	else
+-		strcpy(pidfile_path, pidfile);
++		strncat(pidfile_path, pidfile, sizeof(pidfile_path) - strlen(pidfile_path) -1);
++	else {
++		pidfile_path[0] = 0;
++		strncat(pidfile_path, pidfile, sizeof(pidfile_path)-1);
++	}
+ 
+ 	int fd = open(pidfile_path,
+ 			O_WRONLY | O_CREAT | O_EXCL,
+@@ -433,7 +435,7 @@ int main(int argc, char **argv)
+ 		exit(1);
+ 	}
+ 	
+-	strcat(pidfile_path, "/");
++	strncat(pidfile_path, "/", sizeof(pidfile_path) - strlen(pidfile_path) -1);
+ 	if (daemonize && daemon(0, 0)) {
+ 		printlog(LOG_ERR,"daemon: %s",strerror(errno));
+ 		exit(1);
+-- 
+1.5.6
+
diff --git a/net-misc/vde/vde-2.2.2.ebuild b/net-misc/vde/vde-2.2.2.ebuild
index 62b66a645fb5..c52ff64ecc89 100644
--- a/net-misc/vde/vde-2.2.2.ebuild
+++ b/net-misc/vde/vde-2.2.2.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2009 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-misc/vde/vde-2.2.2.ebuild,v 1.4 2009/03/06 22:36:38 lu_zero Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-misc/vde/vde-2.2.2.ebuild,v 1.5 2009/04/06 19:02:06 jmbsvicetto Exp $
 
 inherit base eutils
 
@@ -15,8 +15,11 @@ LICENSE="GPL-2"
 KEYWORDS="amd64 ~ppc ~ppc64 x86"
 IUSE=""
 DEPEND=""
+RDEPEND=""
 
-PATCHES=( "${FILESDIR}/${P}-gcc43.patch" )
+# The slirpvde-buffer-overflow patch was made by Ludwig Nussel and submitted upstream at
+# http://sourceforge.net/tracker/?func=detail&aid=2138410&group_id=95403&atid=611248
+PATCHES=( "${FILESDIR}/${P}-gcc43.patch" "${FILESDIR}/${P}-slirpvde-buffer-overflow.patch" )
 
 src_install() {
 	emake DESTDIR="${D}" install || die "emake install failed"