rpms/zarafa/EL-5 zarafa-6.30.10-fortify.patch, NONE, 1.1 zarafa-6.30.10-long-ulong.patch, NONE, 1.1 zarafa.spec, 1.1, 1.2

Robert Scheck robert at fedoraproject.org
Tue Feb 23 21:24:36 UTC 2010 

Author: robert

Update of /cvs/pkgs/rpms/zarafa/EL-5
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv1090/EL-5

Modified Files:
	zarafa.spec 
Added Files:
	zarafa-6.30.10-fortify.patch zarafa-6.30.10-long-ulong.patch 
Log Message:
- Backported a patch from trunk to avoid the crash of zarafa-server when creating new user with db or unix plugin (#564282, #567262)
- Backported another patch from trunk to avoid the crash of httpd caused by PHP mapi.so during the logon in the webaccess (#564129)


zarafa-6.30.10-fortify.patch:
 common/ZarafaUtil.cpp          |    3 ++-
 libserver/ECUserManagement.cpp |    6 ++++--
 2 files changed, 6 insertions(+), 3 deletions(-)

--- NEW FILE zarafa-6.30.10-fortify.patch ---
Remerged changeset of Subversion Revision 18952 from 6.40.0 (trunk) to 6.30.10

--- zarafa-6.30.10/provider/common/ZarafaUtil.cpp			2010-01-26 17:34:51.000000000 +0100
+++ zarafa-6.30.10/provider/common/ZarafaUtil.cpp.fortify		2010-02-22 15:52:11.000000000 +0100
@@ -355,7 +355,8 @@
 	if (!strExternId.empty())
 	{
 		lpUserEid->ulVersion = 1;
-		lstrcpy(lpUserEid->szExId, strEncExId.c_str());
+		// avoid FORTIFY_SOURCE checks in strcpy to an address that the compiler thinks is 1 size large
+		memcpy(lpUserEid->szExId, strEncExId.c_str(), strEncExId.length()+1);
 	}
 
 	lpsEntryId->__size = ulLen;
--- zarafa-6.30.10/provider/libserver/ECUserManagement.cpp		2010-01-26 17:34:51.000000000 +0100
+++ zarafa-6.30.10/provider/libserver/ECUserManagement.cpp.fortify	2010-02-22 16:03:33.000000000 +0100
@@ -4152,7 +4152,8 @@
 	if (!strEncExId.empty())
 	{
 		lpAbeid->ulVersion = 1;
-		strcpy(lpAbeid->szExId, strEncExId.c_str());
+		// avoid FORTIFY_SOURCE checks in strcpy to an address that the compiler thinks is 1 size large
+		memcpy(lpAbeid->szExId, strEncExId.c_str(), strEncExId.length()+1);
 	}
 
 	*lpsSourceKey = SOURCEKEY(ulLen, (char*)lpAbeid);
@@ -4190,7 +4191,8 @@
 		memset(lpEid, 0, CbNewABEID(strEncExId.c_str()));
 
 		lpEid->ulVersion = 1;
-		lstrcpy(lpEid->szExId, strEncExId.c_str());
+		// avoid FORTIFY_SOURCE checks in strcpy to an address that the compiler thinks is 1 size large
+		memcpy(lpEid->szExId, strEncExId.c_str(), strEncExId.length()+1);
 
 	}
 

zarafa-6.30.10-long-ulong.patch:
 main.cpp |   41 ++++++++++++++++++++++++++---------------
 1 file changed, 26 insertions(+), 15 deletions(-)

--- NEW FILE zarafa-6.30.10-long-ulong.patch ---
Remerged changeset of Subversion Revision 18968 from 6.40.0 (trunk) to 6.30.10

--- zarafa-6.30.10/php-ext/main.cpp					2010-01-26 17:34:48.000000000 +0100
+++ zarafa-6.30.10/php-ext/main.cpp.php.long-ulong			2010-02-23 20:39:15.000000000 +0100
@@ -2125,10 +2125,11 @@
 {
 	// params
 	zval * res;
-	LPMAPITABLE	lpTable				= NULL;
 	zval * sortArray;
+	long ulFlags = 0;
+	// local
+	LPMAPITABLE	lpTable				= NULL;
 	LPSSortOrderSet lpSortCriteria	= NULL;
-	ULONG ulFlags = 0;
 
 	RETVAL_FALSE;
 	MAPI_G(hr) = hrSuccess;
@@ -2189,10 +2190,11 @@
 {
 	// params
 	zval			*res;
+	zval			*restrictionArray;
+	ulong			ulFlags = 0;
+	// local
 	LPMAPITABLE		lpTable = NULL;
-	zval			*restrictionArray;
 	LPSRestriction	lpRestrict = NULL;
-	ULONG			ulFlags = 0;
 
 	RETVAL_FALSE;
 	MAPI_G(hr) = hrSuccess;
@@ -2213,7 +2215,7 @@
 		}
 	}
 
-	MAPI_G(hr) = lpTable->Restrict(lpRestrict, ulFlags); // TODO: set flags from php?
+	MAPI_G(hr) = lpTable->Restrict(lpRestrict, ulFlags);
 	if(MAPI_G(hr) != hrSuccess)
 		goto exit;
 
@@ -3696,11 +3698,13 @@
 }
 
 ZEND_FUNCTION(mapi_folder_getsearchcriteria) {
+	// params
 	zval *res = NULL;
 	zval *restriction = NULL;
 	zval *folderlist = NULL;
 	LPMAPIFOLDER lpFolder = NULL;
 	long ulFlags = 0;
+	// local
 	LPSRestriction lpRestriction = NULL;
 	LPENTRYLIST lpFolderList = NULL;
 	ULONG ulSearchState = 0;
@@ -3734,13 +3738,15 @@
 }
 
 ZEND_FUNCTION(mapi_folder_setsearchcriteria) {
-	LPMAPIFOLDER lpFolder = NULL;
-	LPENTRYLIST lpFolderList = NULL;
-	LPSRestriction lpRestriction = NULL;
-	long ulFlags = 0;
+	// param
 	zval *res = NULL;
 	zval *restriction = NULL;
 	zval *folderlist = NULL;
+	long ulFlags = 0;
+	// local
+	LPMAPIFOLDER lpFolder = NULL;
+	LPENTRYLIST lpFolderList = NULL;
+	LPSRestriction lpRestriction = NULL;
 
 	RETVAL_FALSE;
 	MAPI_G(hr) = hrSuccess;
@@ -6396,9 +6402,11 @@
 
 ZEND_FUNCTION(mapi_freebusyupdate_publish)
 {
+	// params
+	zval*				resFBUpdate = NULL;
 	zval*				aBlocks = NULL;
 	IFreeBusyUpdate*	lpFBUpdate = NULL;
-	zval*				resFBUpdate = NULL;
+	// local
 	FBBlock_1*			lpBlocks = NULL;
 	ULONG				cBlocks = 0;
 	HashTable*			target_hash = NULL;
@@ -6495,12 +6503,14 @@
 
 ZEND_FUNCTION(mapi_freebusyupdate_savechanges)
 {
-	IFreeBusyUpdate*	lpFBUpdate = NULL;
+	// params
 	zval*				resFBUpdate = NULL;
-	FILETIME			ftmStart;
-	FILETIME			ftmEnd;
 	time_t				ulUnixStart = 0;
 	time_t				ulUnixEnd = 0;
+	IFreeBusyUpdate*	lpFBUpdate = NULL;
+	// local
+	FILETIME			ftmStart;
+	FILETIME			ftmEnd;
 
 	RETVAL_FALSE;
 	MAPI_G(hr) = hrSuccess;
@@ -6523,13 +6533,14 @@
 
 ZEND_FUNCTION(mapi_favorite_add)
 {
+	// params
 	zval *				resSession = NULL;
 	zval *				resFolder = NULL;
 	Session				*lpSession = NULL;
-	LPMAPIFOLDER		lpShortCutFolder = NULL;
-
 	LPMAPIFOLDER		lpFolder = NULL;
 	long				ulFlags = 0;
+	// local
+	LPMAPIFOLDER			lpShortCutFolder = NULL;
 	ULONG				cbAliasName = 0;
 	LPSTR				lpszAliasName = NULL;
 


Index: zarafa.spec
===================================================================
RCS file: /cvs/pkgs/rpms/zarafa/EL-5/zarafa.spec,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- zarafa.spec	8 Feb 2010 14:21:30 -0000	1.1
+++ zarafa.spec	23 Feb 2010 21:24:36 -0000	1.2
@@ -116,7 +116,7 @@
 #
 
 %define beta_or_rc      0
-%define actual_release  1
+%define actual_release  2
 %define svnrevision     18495
 %define with_ldap       1
 %define with_xmlto      1
@@ -146,6 +146,9 @@ Patch0:             zarafa-6.30.4-packag
 Patch1:             zarafa-6.30.4-perl.patch
 Patch2:             zarafa-6.30.10-undefined-symbol.patch
 Patch3:             zarafa-6.30.10-chmod.patch
+# Patch 4 and 5 are backports from upstream
+Patch4:             zarafa-6.30.10-fortify.patch
+Patch5:             zarafa-6.30.10-long-ulong.patch
 # http://www.brodowski.org/zarafa/php-mapi/6.30.10.18495/18495_patch.diff
 Patch10:            zarafa-6.30.4-brodowski.patch
 
@@ -198,7 +201,7 @@ BuildRoot:          %{_tmppath}/%{name}-
 %description
 Zarafa Outlook Sharing is a Microsoft Exchange replacement. The Open Source
 Collaboration provides an integration with your existing Linux mail server,
-native mobile phone support by ActiveSync compatiblity and a webaccess with
+native mobile phone support by ActiveSync compatibility and a webaccess with
 'Look & Feel' similar to Outlook using Ajax. Including an IMAP4 and a POP3
 gateway as well as an iCal/CalDAV gateway, Zarafa can combine the usability
 with the stability and flexibility of a Linux server.
@@ -442,6 +445,8 @@ PHP MAPI extension by Zarafa to enable M
 %patch1 -p1 -b .perl
 %patch2 -p1 -b .symbol
 %patch3 -p1 -b .chmod
+%patch4 -p1 -b .fortify
+%patch5 -p1 -b .long-ulong
 #%%patch10 -p5 -b .brodowski
 
 # Needed to get rid of rpath
@@ -818,6 +823,12 @@ fi
 %endif
 
 %changelog
+* Tue Feb 23 2010 Robert Scheck <robert at fedoraproject.org> 6.30.10-2
+- Backported a patch from trunk to avoid the crash of zarafa-server
+  when creating new user with db or unix plugin (#564282, #567262)
+- Backported another patch from trunk to avoid the crash of httpd
+  caused by PHP mapi.so during the logon in the webaccess (#564129)
+
 * Sat Feb 06 2010 Robert Scheck <robert at fedoraproject.org> 6.30.10-1
 - Upgrade to 6.30.10 (#498194)
 - Initial spec file for Fedora and Red Hat Enterprise Linux (thanks

More information about the scm-commits mailing list