[star/f13/master] fix another instance of buffer overflow for files with long names(#632384), Fix some invalid manpage

Ondrej Vasik ovasik at fedoraproject.org
Wed Sep 15 12:30:22 UTC 2010 

commit 036119cd7725bd2d202a69eabdf642dd9e18c46a
Author: Ondřej Vašík <ovasik at redhat.com>
Date:   Wed Sep 15 14:30:19 2010 +0200

    fix another instance of buffer overflow for files with long names(#632384), Fix some invalid manpage references (#624612), ship star.4 manpage with star format description

 star-1.5.1-bufferoverflow.patch    |    9 ++++++
 star-1.5.1-manpagereferences.patch |   56 ++++++++++++++++++++++++++++++++++++
 star.spec                          |   22 +++++++++++--
 3 files changed, 83 insertions(+), 4 deletions(-)
---
diff --git a/star-1.5.1-bufferoverflow.patch b/star-1.5.1-bufferoverflow.patch
index ef5f51c..afc0b4a 100644
--- a/star-1.5.1-bufferoverflow.patch
+++ b/star-1.5.1-bufferoverflow.patch
@@ -10,3 +10,12 @@ diff -urNp star-1.5.1-orig/star/longnames.c star-1.5.1/star/longnames.c
  		return (TRUE);
  	}
  
+@@ -198,7 +198,7 @@ name_to_tcb(info, ptb)
+ 	if (add)
+ 		strcatl(ptb->dbuf.t_name, &np[1], "/", (char *)NULL);
+ 	else
+-		strcpy(ptb->dbuf.t_name, &np[1]);
++		strncpy(ptb->dbuf.t_name, &np[1], props.pr_maxsname);
+ 	strncpy(ptb->dbuf.t_prefix, name, np - name);
+ 	info->f_flags |= F_SPLIT_NAME;
+ 	return (TRUE);
diff --git a/star-1.5.1-manpagereferences.patch b/star-1.5.1-manpagereferences.patch
new file mode 100644
index 0000000..43b25fe
--- /dev/null
+++ b/star-1.5.1-manpagereferences.patch
@@ -0,0 +1,56 @@
+diff -urNp star-1.5.1-orig/star/spax.1 star-1.5.1/star/spax.1
+--- star-1.5.1-orig/star/spax.1	2009-04-10 23:51:50.000000000 +0200
++++ star-1.5.1/star/spax.1	2010-08-17 13:32:38.246788583 +0200
+@@ -4043,7 +4043,7 @@ Interfaces volume of IEEE Std 1003.1-200
+ .BR chown (2), 
+ .BR creat (2),
+ .BR mkdir (2),
+-.BR mkfifo (2),
++.BR mkfifo (3),
+ .BR stat (2),
+ .BR utime (2),
+ .BR write (2).
+@@ -4095,7 +4095,7 @@ entry is added to the ENVIRONMENT VARIAB
+ IEEE PASC Interpretation 1003.2 #168 is applied, clarifying that
+ .BR mkdir (2)
+ and 
+-.BR mkfifo (2)
++.BR mkfifo (3)
+ calls can ignore an [EEXIST] error when
+ extracting an archive.
+ .PP
+diff -urNp star-1.5.1-orig/star/star.1 star-1.5.1/star/star.1
+--- star-1.5.1-orig/star/star.1	2009-06-02 20:49:21.000000000 +0200
++++ star-1.5.1/star/star.1	2010-08-17 13:34:50.524789662 +0200
+@@ -4615,20 +4615,18 @@ cron script).
+ Is used for the intercative user interface.
+ .SH "SEE ALSO"
+ .BR spax (1), 
+-.BR suntar (1), 
+-.BR scpio (1), 
+ .BR tar (1), 
+ .BR cpio (1), 
+ .BR pax (1), 
+ .BR rcp (1), 
+ .BR mt (1),
+-.BR rmt (1), 
++.BR rmt (8), 
+ .BR match (1), 
+ .BR dd (1), 
+ .BR sdd (1), 
+ .BR rsh (1),
+ .BR ssh (1),
+-.BR star (4/5),
++.BR star (4),
+ .BR rcmd (3),
+ .BR fssnap (1m)
+ .SH DIAGNOSTICS
+@@ -4951,7 +4949,7 @@ is installed suid root, 
+ .B star
+ is able to make connections to remote archives for non root users. 
+ This is done by using the
+-rcmd(3) interface to get a connection to a rmt(1) server.
++rcmd(3) interface to get a connection to a rmt(8) server.
+ .PP
+ .B Star
+ resets its effective uid back to the real user id immediately after setting up
diff --git a/star.spec b/star.spec
index 71df34d..675edb2 100644
--- a/star.spec
+++ b/star.spec
@@ -4,7 +4,7 @@
 Summary:  An archiving tool with ACL support
 Name: star
 Version: 1.5.1
-Release: 2%{?dist}
+Release: 4%{?dist}
 URL: http://cdrecord.berlios.de/old/private/star.html
 Source: ftp://ftp.berlios.de/pub/star/%{name}-%{version}.tar.bz2
 
@@ -18,6 +18,8 @@ Patch3: star-1.5-changewarnSegv.patch
 Patch4: star-1.5-stdioconflict.patch
 #Prevent buffer overflow for filenames with length of 100 characters (#556664)
 Patch5: star-1.5.1-bufferoverflow.patch
+#Fix some invalid manpage references (#624612)
+Patch6: star-1.5.1-manpagereferences.patch
 
 License: CDDL
 Group: Applications/Archiving
@@ -38,9 +40,12 @@ and can restore individual files from the archive. Star supports ACL.
 %patch3 -p1 -b .changewarnSegv
 %patch4 -p1 -b .stdio
 %patch5 -p1 -b .namesoverflow
+%patch6 -p1 -b .references
 cp -a star/all.mk star/Makefile
 iconv -f iso_8859-1 -t utf-8 AN-1.5 >AN-1.5_utf8
 mv AN-1.5_utf8 AN-1.5
+iconv -f iso_8859-1 -t utf-8 star/star.4 >star/star.4_utf8
+mv star/star.4_utf8 star/star.4
 cp -a READMEs/README.linux .
 
 for PLAT in %{arm} x86_64 ppc64 s390 s390x sh3 sh4 sh4a sparcv9; do
@@ -70,11 +75,11 @@ CONFFLAGS="%{_target_platform} --prefix=%{_prefix} \
 %install
 export MAKEPROG=gmake
 rm -rf ${RPM_BUILD_ROOT}
-mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man1
+mkdir -p ${RPM_BUILD_ROOT}%{_mandir}/man4
 %makeinstall RPM_INSTALLDIR=${RPM_BUILD_ROOT} PARCH=%{_target_cpu} K_ARCH=%{_target_cpu} < /dev/null
-rm -rf ${RPM_BUILD_ROOT}/usr/share/man
 rm -rf ${RPM_BUILD_ROOT}/usr/share/doc/rmt
-mv ${RPM_BUILD_ROOT}/usr/man ${RPM_BUILD_ROOT}%{_mandir}
+mv ${RPM_BUILD_ROOT}/usr/man/man5/star.5 ${RPM_BUILD_ROOT}%{_mandir}/man4/star.4
+mv ${RPM_BUILD_ROOT}/usr/man/* ${RPM_BUILD_ROOT}%{_mandir}
 ln -s star.1.gz ${RPM_BUILD_ROOT}%{_mandir}/man1/ustar.1
 
 # XXX Nuke unpackaged files.
@@ -110,8 +115,17 @@ rm -rf ${RPM_BUILD_ROOT}
 %{_mandir}/man1/star.1*
 %{_mandir}/man1/spax.1*
 %{_mandir}/man1/ustar.1*
+%{_mandir}/man4/star.4*
 
 %changelog
+* Wed Sep 15 2010 Ondrej Vasik <ovasik at redhat.com> 1.5.1-4
+- fix another instance of buffer overflow for files with
+  long names(#632384)
+
+* Tue Aug 17 2010 Ondrej Vasik <ovasik at redhat.com> 1.5.1-3
+- Fix some invalid manpage references (#624612)
+- ship star.4 manpage with star format description
+
 * Wed Feb 03 2010 Ondrej Vasik <ovasik at redhat.com> 1.5.1-2
 - fix buffer overflow for files with names of length
   100 chars(#556664)

More information about the scm-commits mailing list