rpms/rogue/FC-5 rogue-5.4-setgid.patch,1.1,1.2 rogue.spec,1.4,1.5
Michael Thomas (wart)
fedora-extras-commits at redhat.com
Fri May 19 16:12:42 UTC 2006
Author: wart
Update of /cvs/extras/rpms/rogue/FC-5
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7976/FC-5
Modified Files:
rogue-5.4-setgid.patch rogue.spec
Log Message:
- Added empty initial scoreboard file.
- Better setuid/setgid handling (BZ #187392)
rogue-5.4-setgid.patch:
Index: rogue-5.4-setgid.patch
===================================================================
RCS file: /cvs/extras/rpms/rogue/FC-5/rogue-5.4-setgid.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- rogue-5.4-setgid.patch 11 Apr 2006 02:04:46 -0000 1.1
+++ rogue-5.4-setgid.patch 19 May 2006 16:12:41 -0000 1.2
@@ -1,6 +1,6 @@
-diff -Naur --exclude '*.swp' rogue/extern.c rogue.new/extern.c
+diff -Naur rogue/extern.c rogue.new/extern.c
--- rogue/extern.c 2006-01-03 16:17:29.000000000 -0800
-+++ rogue.new/extern.c 2006-03-30 13:24:12.000000000 -0800
++++ rogue.new/extern.c 2006-05-15 15:43:43.000000000 -0700
@@ -111,7 +111,7 @@
};
@@ -10,9 +10,9 @@
int food_left; /* Amount of food in hero's stomach */
int lastscore = -1; /* Score before this turn */
int no_command = 0; /* Number of turns asleep */
-diff -Naur --exclude '*.swp' rogue/extern.h rogue.new/extern.h
---- rogue/extern.h 2006-03-19 11:22:14.000000000 -0800
-+++ rogue.new/extern.h 2006-03-30 13:24:22.000000000 -0800
+diff -Naur rogue/extern.h rogue.new/extern.h
+--- rogue/extern.h 2006-05-15 15:43:15.000000000 -0700
++++ rogue.new/extern.h 2006-05-15 15:43:43.000000000 -0700
@@ -50,7 +50,7 @@
extern char fruit[], orig_dsusp, prbuf[], whoami[];
@@ -22,9 +22,9 @@
#ifdef TIOCGLTC
extern struct ltchars ltc;
-diff -Naur --exclude '*.swp' rogue/mach_dep.c rogue.new/mach_dep.c
+diff -Naur rogue/mach_dep.c rogue.new/mach_dep.c
--- rogue/mach_dep.c 2006-01-30 08:36:21.000000000 -0800
-+++ rogue.new/mach_dep.c 2006-04-01 19:26:15.000000000 -0800
++++ rogue.new/mach_dep.c 2006-05-15 15:43:43.000000000 -0700
@@ -45,7 +45,9 @@
#include <sys/stat.h>
#include <limits.h>
@@ -87,9 +87,9 @@
md_normaluser();
}
-diff -Naur --exclude '*.swp' rogue/main.c rogue.new/main.c
+diff -Naur rogue/main.c rogue.new/main.c
--- rogue/main.c 2006-01-29 16:11:32.000000000 -0800
-+++ rogue.new/main.c 2006-03-30 13:40:16.000000000 -0800
++++ rogue.new/main.c 2006-05-15 15:43:43.000000000 -0700
@@ -24,6 +24,13 @@
char *env;
int lowtime;
@@ -112,9 +112,9 @@
if (argc == 2)
if (strcmp(argv[1], "-s") == 0)
{
-diff -Naur --exclude '*.swp' rogue/mdport.c rogue.new/mdport.c
+diff -Naur rogue/mdport.c rogue.new/mdport.c
--- rogue/mdport.c 2006-01-29 18:24:39.000000000 -0800
-+++ rogue.new/mdport.c 2006-04-01 19:26:16.000000000 -0800
++++ rogue.new/mdport.c 2006-05-15 15:45:21.000000000 -0700
@@ -193,8 +193,17 @@
md_normaluser()
{
@@ -135,7 +135,7 @@
#endif
}
-@@ -397,22 +406,31 @@
+@@ -397,22 +406,35 @@
char *
md_getroguedir()
{
@@ -143,7 +143,11 @@
+ static char path[PATH_MAX];
char *end,*home;
- if ( (home = getenv("ROGUEHOME")) != NULL)
+- if ( (home = getenv("ROGUEHOME")) != NULL)
++ /* Disable the use of ROGUEHOME to prevent users from
++ * maliciously overwriting save files from other setgid games.
++ */
++ if ( (home = getenv("ROGUEHOME")) != NULL && 0)
{
if (*home)
{
@@ -156,30 +160,31 @@
-
- if (directory_exists(path))
- return(path);
-+ if (strlen(home) > PATH_MAX-20) {
++ /* The magic number 20 is used to guarantee that the save/lock
++ * filenames (which are much shorter than 20 characters) can
++ * be appended to this buffer.
++ */
++ if (strlen(home) >= PATH_MAX-20) {
+ fprintf(stderr, "ROGUEHOME path is too long. Ignoring.\n");
+ } else {
-+ strncpy(path, home, PATH_MAX-20);
-+ /* Ensure that we have a terminating NULL character.
-+ */
-+ path[PATH_MAX-1] = (char)NULL;
-+
-+ end = &path[strlen(path)-1];
-+
++ strcpy(path, home);
++
++ end = &path[strlen(path)-1];
++
+ /* Strip off any trailing path separators from the path.
+ */
-+ while( (end >= path) && ((*end == '/') || (*end == '\\')))
-+ *end-- = '\0';
-+
-+ if (directory_exists(path))
-+ return(path);
++ while( (end >= path) && ((*end == '/') || (*end == '\\')))
++ *end-- = '\0';
++
++ if (directory_exists(path))
++ return(path);
+ }
}
}
-diff -Naur --exclude '*.swp' rogue/rip.c rogue.new/rip.c
+diff -Naur rogue/rip.c rogue.new/rip.c
--- rogue/rip.c 2006-01-03 16:17:29.000000000 -0800
-+++ rogue.new/rip.c 2006-03-30 13:32:17.000000000 -0800
++++ rogue.new/rip.c 2006-05-15 15:43:43.000000000 -0700
@@ -60,7 +60,6 @@
int i;
SCORE *sc2;
@@ -239,9 +244,9 @@
}
/*
-diff -Naur --exclude '*.swp' rogue/save.c rogue.new/save.c
+diff -Naur rogue/save.c rogue.new/save.c
--- rogue/save.c 2006-01-30 08:05:35.000000000 -0800
-+++ rogue.new/save.c 2006-03-30 13:33:45.000000000 -0800
++++ rogue.new/save.c 2006-05-15 15:43:43.000000000 -0700
@@ -335,7 +335,40 @@
/*
@@ -302,9 +307,9 @@
sscanf(scoreline, " %u %hu %u %hu %hu %lx \n",
&top_ten[i].sc_uid, &top_ten[i].sc_score,
&top_ten[i].sc_flags, &top_ten[i].sc_monster,
-diff -Naur --exclude '*.swp' rogue/state.c rogue.new/state.c
+diff -Naur rogue/state.c rogue.new/state.c
--- rogue/state.c 2006-01-03 16:17:29.000000000 -0800
-+++ rogue.new/state.c 2006-03-30 13:09:46.000000000 -0800
++++ rogue.new/state.c 2006-05-15 15:43:43.000000000 -0700
@@ -2138,7 +2138,8 @@
rs_write_int(savef, no_food);
rs_write_ints(savef,a_class,MAXARMORS);
Index: rogue.spec
===================================================================
RCS file: /cvs/extras/rpms/rogue/FC-5/rogue.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- rogue.spec 11 Apr 2006 02:02:20 -0000 1.4
+++ rogue.spec 19 May 2006 16:12:41 -0000 1.5
@@ -1,6 +1,6 @@
Name: rogue
Version: 5.4.2
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: The original graphical adventure game
Group: Amusements/Games
@@ -49,6 +49,8 @@
mkdir -p $RPM_BUILD_ROOT/%{_datadir}/icons/hicolor/32x32/apps/
install -p -m 644 %{SOURCE2} $RPM_BUILD_ROOT/%{_datadir}/icons/hicolor/32x32/apps/
+touch $RPM_BUILD_ROOT%{_var}/games/roguelike/rogue54.scr
+
%clean
rm -rf $RPM_BUILD_ROOT
@@ -73,11 +75,16 @@
%{_datadir}/applications/fedora-%{name}.desktop
%{_datadir}/icons/hicolor/32x32/apps/rogue.png
%dir %attr(0775,games,games) %{_var}/games/roguelike
+%config(noreplace) %attr(0664,games,games) %{_var}/games/roguelike/rogue54.scr
%doc LICENSE.TXT rogue54.doc rogue54.html readme54.html
%changelog
+* Fri May 19 2006 Wart <wart at kobold.org> 5.4.2-5
+- Added empty initial scoreboard file.
+- Better setuid/setgid handling (again) (BZ #187392)
+
* Thu Mar 30 2006 Wart <wart at kobold.org> 5.4.2-4
- Better setuid/setgid handling (BZ #187392)
- Resize desktop icon to match directory name
More information about the scm-commits
mailing list