iApply patch from Werner Fink for CVE-2008-3863, CVE-2008-4306 - enscript - GNU Enscript Err thinkerwim.openbsd.amsterdam 70 hgit clone git://thinkerwim.org/enscript.git URL:git://thinkerwim.org/enscript.git thinkerwim.org 70 1Log /git/enscript/log.gph thinkerwim.org 70 1Files /git/enscript/files.gph thinkerwim.org 70 1Refs /git/enscript/refs.gph thinkerwim.org 70 1README /git/enscript/file/README.gph thinkerwim.org 70 1LICENSE /git/enscript/file/COPYING.gph thinkerwim.org 70 i--- Err thinkerwim.openbsd.amsterdam 70 1commit 94135714871a735e3fe624eaf37901bbb6314e05 /git/enscript/commit/94135714871a735e3fe624eaf37901bbb6314e05.gph thinkerwim.org 70 1parent 2b52dd33bff93e1201253a0b6b028da955ad5d0d /git/enscript/commit/2b52dd33bff93e1201253a0b6b028da955ad5d0d.gph thinkerwim.org 70 hAuthor: Tim Retout URL:mailto:diocles@gnu.org thinkerwim.org 70 iDate: Sun, 27 Dec 2009 23:45:09 +0000 Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iApply patch from Werner Fink for CVE-2008-3863, CVE-2008-4306 Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 iDiffstat: Err thinkerwim.openbsd.amsterdam 70 i M src/ChangeLog | 6 ++++++ Err thinkerwim.openbsd.amsterdam 70 i M src/psgen.c | 23 ++++++++++++++--------- Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i2 files changed, 20 insertions(+), 9 deletions(-) Err thinkerwim.openbsd.amsterdam 70 i--- Err thinkerwim.openbsd.amsterdam 70 1diff --git a/src/ChangeLog b/src/ChangeLog /git/enscript/file/src/ChangeLog.gph thinkerwim.org 70 i@@ -12,6 +12,12 @@ Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i * util.c (escape_string): Check return code of xmalloc. Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i+ Apply patch from Werner Fink to address CVE-2008-3863, Err thinkerwim.openbsd.amsterdam 70 i+ CVE-2008-4306. 
Err thinkerwim.openbsd.amsterdam 70 i+ Err thinkerwim.openbsd.amsterdam 70 i+ * psgen.c: Use PATH_MAX for various buffer sizes. Err thinkerwim.openbsd.amsterdam 70 i+ Replace several strcpy calls with memset and strncpy. Err thinkerwim.openbsd.amsterdam 70 i+ Err thinkerwim.openbsd.amsterdam 70 i 2009-03-28 Tim Retout Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i * psgen.c (recognize_eps_file): Remove ability to read EPS data Err thinkerwim.openbsd.amsterdam 70 1diff --git a/src/psgen.c b/src/psgen.c /git/enscript/file/src/psgen.c.gph thinkerwim.org 70 i@@ -22,6 +22,7 @@ Err thinkerwim.openbsd.amsterdam 70 i * along with Enscript. If not, see . Err thinkerwim.openbsd.amsterdam 70 i */ Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i+#include Err thinkerwim.openbsd.amsterdam 70 i #include "gsint.h" Err thinkerwim.openbsd.amsterdam 70 i #include Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i@@ -123,7 +124,7 @@ struct gs_token_st Err thinkerwim.openbsd.amsterdam 70 i double xscale; Err thinkerwim.openbsd.amsterdam 70 i double yscale; Err thinkerwim.openbsd.amsterdam 70 i int llx, lly, urx, ury; /* Bounding box. 
*/ Err thinkerwim.openbsd.amsterdam 70 i- char filename[512]; Err thinkerwim.openbsd.amsterdam 70 i+ char filename[PATH_MAX]; Err thinkerwim.openbsd.amsterdam 70 i char *skipbuf; Err thinkerwim.openbsd.amsterdam 70 i unsigned int skipbuf_len; Err thinkerwim.openbsd.amsterdam 70 i unsigned int skipbuf_pos; Err thinkerwim.openbsd.amsterdam 70 i@@ -134,11 +135,11 @@ struct gs_token_st Err thinkerwim.openbsd.amsterdam 70 i Color bgcolor; Err thinkerwim.openbsd.amsterdam 70 i struct Err thinkerwim.openbsd.amsterdam 70 i { Err thinkerwim.openbsd.amsterdam 70 i- char name[512]; Err thinkerwim.openbsd.amsterdam 70 i+ char name[PATH_MAX]; Err thinkerwim.openbsd.amsterdam 70 i FontPoint size; Err thinkerwim.openbsd.amsterdam 70 i InputEncoding encoding; Err thinkerwim.openbsd.amsterdam 70 i } font; Err thinkerwim.openbsd.amsterdam 70 i- char filename[512]; Err thinkerwim.openbsd.amsterdam 70 i+ char filename[PATH_MAX]; Err thinkerwim.openbsd.amsterdam 70 i } u; Err thinkerwim.openbsd.amsterdam 70 i }; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i@@ -247,7 +248,7 @@ static int do_print = 1; Err thinkerwim.openbsd.amsterdam 70 i static int user_fontp = 0; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i /* The user ^@font{}-defined font. 
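Review bot: The `char filename[PATH_MAX]` and `char name[PATH_MAX]` members of struct gs_token_st (and `user_font_name` in the later hunk at -247) rely on PATH_MAX being defined, but the include added at the top of psgen.c (its name is lost in this rendering, presumably `<limits.h>`) is not required to define it, so the build can fail on systems that leave it out. A guarded fallback after the includes, `#ifndef PATH_MAX` / `#define PATH_MAX 4096` / `#endif`, would keep the sizes fixed everywhere. The larger arrays bound nothing by themselves, because the protection comes from the sizeof-based copies further down; a one-line comment on the members such as `/* Writers must bound copies with sizeof of this member. */` would make that explicit. The struct definition starts and ends outside these hunks.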
*/ Err thinkerwim.openbsd.amsterdam 70 i-static char user_font_name[256]; Err thinkerwim.openbsd.amsterdam 70 i+static char user_font_name[PATH_MAX]; Err thinkerwim.openbsd.amsterdam 70 i static FontPoint user_font_pt; Err thinkerwim.openbsd.amsterdam 70 i static InputEncoding user_font_encoding; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i@@ -977,7 +978,8 @@ large for page\n"), Err thinkerwim.openbsd.amsterdam 70 i FATAL ((stderr, Err thinkerwim.openbsd.amsterdam 70 i _("user font encoding can be only the system's default or `ps'"))); Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i- strcpy (user_font_name, token.u.font.name); Err thinkerwim.openbsd.amsterdam 70 i+ memset (user_font_name, 0, sizeof(user_font_name)); Err thinkerwim.openbsd.amsterdam 70 i+ strncpy (user_font_name, token.u.font.name, sizeof(user_font_name) - 1); Err thinkerwim.openbsd.amsterdam 70 i user_font_pt.w = token.u.font.size.w; Err thinkerwim.openbsd.amsterdam 70 i user_font_pt.h = token.u.font.size.h; Err thinkerwim.openbsd.amsterdam 70 i user_font_encoding = token.u.font.encoding; Err thinkerwim.openbsd.amsterdam 70 i@@ -1443,7 +1445,7 @@ read_special_escape (InputStream *is, Token *token) Err thinkerwim.openbsd.amsterdam 70 i buf[i] = ch; Err thinkerwim.openbsd.amsterdam 70 i if (i + 1 >= sizeof (buf)) Err thinkerwim.openbsd.amsterdam 70 i FATAL ((stderr, _("too long argument for %s escape:\n%.*s"), Err thinkerwim.openbsd.amsterdam 70 i- escapes[i].name, i, buf)); Err thinkerwim.openbsd.amsterdam 70 i+ escapes[e].name, i, buf)); Err thinkerwim.openbsd.amsterdam 70 i } Err thinkerwim.openbsd.amsterdam 70 i buf[i] = '\0'; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i@@ -1451,7 +1453,8 @@ read_special_escape (InputStream *is, Token *token) Err thinkerwim.openbsd.amsterdam 70 i switch (escapes[e].escape) Err thinkerwim.openbsd.amsterdam 70 i { Err thinkerwim.openbsd.amsterdam 70 i case ESC_FONT: Err 
thinkerwim.openbsd.amsterdam 70 i- strcpy (token->u.font.name, buf); Err thinkerwim.openbsd.amsterdam 70 i+ memset (token->u.font.name, 0, sizeof(token->u.font.name)); Err thinkerwim.openbsd.amsterdam 70 i+ strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1); Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i /* Check for the default font. */ Err thinkerwim.openbsd.amsterdam 70 i if (strcmp (token->u.font.name, "default") == 0) Err thinkerwim.openbsd.amsterdam 70 i@@ -1464,7 +1467,8 @@ read_special_escape (InputStream *is, Token *token) Err thinkerwim.openbsd.amsterdam 70 i FATAL ((stderr, _("malformed font spec for ^@font escape: %s"), Err thinkerwim.openbsd.amsterdam 70 i token->u.font.name)); Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i- strcpy (token->u.font.name, cp); Err thinkerwim.openbsd.amsterdam 70 i+ memset (token->u.font.name, 0, sizeof(token->u.font.name)); Err thinkerwim.openbsd.amsterdam 70 i+ strncpy (token->u.font.name, cp, sizeof(token->u.font.name) - 1); Err thinkerwim.openbsd.amsterdam 70 i xfree (cp); Err thinkerwim.openbsd.amsterdam 70 i } Err thinkerwim.openbsd.amsterdam 70 i token->type = tFONT; Err thinkerwim.openbsd.amsterdam 70 i@@ -1543,7 +1547,8 @@ read_special_escape (InputStream *is, Token *token) Err thinkerwim.openbsd.amsterdam 70 i break; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 i case ESC_SETFILENAME: Err thinkerwim.openbsd.amsterdam 70 i- strcpy (token->u.filename, buf); Err thinkerwim.openbsd.amsterdam 70 i+ memset (token->u.filename, 0, sizeof(token->u.filename)); Err thinkerwim.openbsd.amsterdam 70 i+ strncpy (token->u.filename, buf, sizeof(token->u.filename) - 1); Err thinkerwim.openbsd.amsterdam 70 i token->type = tSETFILENAME; Err thinkerwim.openbsd.amsterdam 70 i break; Err thinkerwim.openbsd.amsterdam 70 i Err thinkerwim.openbsd.amsterdam 70 .
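Review bot: The `strncpy (token->u.font.name, buf, sizeof(token->u.font.name) - 1)` in the ESC_FONT case truncates silently when `buf` is longer than the destination, and the same applies to `token->u.filename` in the ESC_SETFILENAME case (hunk at -1543). The declaration of `buf` is outside these hunks, so whether it can exceed PATH_MAX - 1 bytes is not visible here; if it can, a shortened font or file name is processed as though it were the input. Rejecting the overlong value would match the existing "too long argument" FATAL, for example `if (strlen (buf) >= sizeof (token->u.filename)) FATAL ((stderr, _("too long argument for %s escape"), escapes[e].name));` before the copy. The memset before each strncpy is also redundant, since strncpy already zero-fills up to the given count, so `token->u.filename[sizeof(token->u.filename) - 1] = '\0';` after the copy is enough. read_special_escape starts and ends outside the hunks.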