Fix buffer overflow (bug #339652). Thanks for reporting Diego.

(Portage version: 2.1.9.13/cvs/Linux x86_64)

3 files changed, 56 insertions, 2 deletions

diff --git a/media-radio/xlog/ChangeLog b/media-radio/xlog/ChangeLog
index f76d20b7886b..0c6dddcfbcdf 100644
--- a/media-radio/xlog/ChangeLog
+++ b/media-radio/xlog/ChangeLog
@@ -1,6 +1,10 @@
 # ChangeLog for media-radio/xlog
 # Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-radio/xlog/ChangeLog,v 1.13 2010/07/17 12:43:00 fauli Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-radio/xlog/ChangeLog,v 1.14 2010/10/04 15:19:36 tomjbe Exp $
+
+  04 Oct 2010; Thomas Beierlein <tomjbe@gentoo.org> xlog-2.0.3.ebuild,
+  +files/xlog-2.0.3-memmove.patch:
+  Fix buffer overflow (bug #339652)
 
   17 Jul 2010; Christian Faulhammer <fauli@gentoo.org> xlog-2.0.3.ebuild:
   stable x86, bug 328071
diff --git a/media-radio/xlog/files/xlog-2.0.3-memmove.patch b/media-radio/xlog/files/xlog-2.0.3-memmove.patch
new file mode 100644
index 000000000000..8775829e98de
--- /dev/null
+++ b/media-radio/xlog/files/xlog-2.0.3-memmove.patch
@@ -0,0 +1,48 @@
+diff -Nur src/logfile.old/oh1aa.c src/logfile/oh1aa.c
+--- src/logfile.old/oh1aa.c	2010-10-04 15:03:52.000000000 +0000
++++ src/logfile/oh1aa.c	2010-10-04 15:05:13.000000000 +0000
+@@ -111,25 +111,25 @@
+ //0502201751OK2BMA      59 59  28 MHzSSB pavel                                 0
+ 
+ 		/* insert a space between date and time */
+-		memmove (buffer+7, buffer+6, MAXROWLEN);
++		memmove (buffer+7, buffer+6, MAXROWLEN-7);
+ 		buffer[6] = ' ';
+ 		/* insert a space between time and call */
+-		memmove (buffer+12, buffer+11, MAXROWLEN);
++		memmove (buffer+12, buffer+11, MAXROWLEN-12);
+ 		buffer[11] = ' ';
+ 		/* insert a space between call and myrst */
+-		memmove (buffer+24, buffer+23, MAXROWLEN);
++		memmove (buffer+24, buffer+23, MAXROWLEN-24);
+ 		buffer[24] = ' ';
+ 		/* insert a space between myrst and rst */
+-		memmove (buffer+28, buffer+27, MAXROWLEN);
++		memmove (buffer+28, buffer+27, MAXROWLEN-28);
+ 		buffer[28] = ' ';
+ 		/* insert a space between rst and band */
+-		memmove (buffer+32, buffer+31, MAXROWLEN);
++		memmove (buffer+32, buffer+31, MAXROWLEN-32);
+ 		buffer[32] = ' ';
+ 		/* insert a space between band and mode */
+-		memmove (buffer+40, buffer+39, MAXROWLEN);
++		memmove (buffer+40, buffer+39, MAXROWLEN-40);
+ 		buffer[40] = ' ';
+ 		/* insert a space between mode and remarks */
+-		memmove (buffer+45, buffer+44, MAXROWLEN);
++		memmove (buffer+45, buffer+44, MAXROWLEN-45);
+ 		buffer[45] = ' ';
+ 
+ 		for (i = 0; i < oh1aa_field_nr; i++)
+diff -Nur src/logfile.old/trlog.c src/logfile/trlog.c
+--- src/logfile.old/trlog.c	2010-10-04 15:03:52.000000000 +0000
++++ src/logfile/trlog.c	2010-10-04 15:04:21.000000000 +0000
+@@ -195,7 +195,7 @@
+ 			continue;
+ 
+ 		/* insert a space between band and mode */
+-		memmove (buffer+4, buffer+3, MAXROWLEN);
++		memmove (buffer+4, buffer+3, MAXROWLEN-4);
+ 		buffer[3] = ' ';
+ 
+ 		for (i = 0; i < trlog_field_nr - 1; i++)
diff --git a/media-radio/xlog/xlog-2.0.3.ebuild b/media-radio/xlog/xlog-2.0.3.ebuild
index 7bb69fc33bc2..4eabf9e6944e 100644
--- a/media-radio/xlog/xlog-2.0.3.ebuild
+++ b/media-radio/xlog/xlog-2.0.3.ebuild
@@ -1,6 +1,6 @@
 # Copyright 1999-2010 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-radio/xlog/xlog-2.0.3.ebuild,v 1.3 2010/07/17 12:43:00 fauli Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-radio/xlog/xlog-2.0.3.ebuild,v 1.4 2010/10/04 15:19:36 tomjbe Exp $
 
 EAPI=2
 
@@ -28,6 +28,8 @@ src_prepare() {
 	# and patch wrong ADIF export
 	epatch "${FILESDIR}/${PN}-2.0.1-adif.patch" \
 	    "${FILESDIR}/${PN}-2.0.2-qsl.patch"
+	# fix buffer overflow (bug 339652)
+	epatch "${FILESDIR}/${P}-memmove.patch"
 	eautoreconf
 }