Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch
diff options
context:
space:
mode:
Diffstat (limited to 'app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch')
-rw-r--r--app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch95
1 files changed, 95 insertions, 0 deletions
diff --git a/app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch b/app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch
new file mode 100644
index 0000000..d543958
--- /dev/null
+++ b/app-arch/rpm/files/rpm-4.4.6-buffer-overflow.patch
@@ -0,0 +1,95 @@
+Index: lib/query.c
+===================================================================
+RCS file: /cvs/devel/rpm/lib/query.c,v
+retrieving revision 2.173.2.15
+retrieving revision 2.173.2.16
+diff -a -u -r2.173.2.15 -r2.173.2.16
+--- lib/query.c 8 Oct 2006 21:41:45 -0000 2.173.2.15
++++ lib/query.c 30 Oct 2006 02:50:53 -0000 2.173.2.16
+@@ -124,6 +124,28 @@
+ return str;
+ }
+
++/**
++ */
++static void flushBuffer(char ** tp, char ** tep, int nonewline)
++ /*@ modifies *tp, *tep @*/
++{
++ char *t, *te;
++
++ t = *tp;
++ te = *tep;
++ if (te > t) {
++ if (!nonewline) {
++ *te++ = '\n';
++ *te = '\0';
++ }
++ rpmMessage(RPMMESS_NORMAL, "%s", t);
++ te = t;
++ *t = '\0';
++ }
++ *tp = t;
++ *tep = te;
++}
++
+ int showQueryPackage(QVA_t qva, rpmts ts, Header h)
+ {
+ int scareMem = 0;
+@@ -131,7 +153,6 @@
+ char * t, * te;
+ char * prefix = NULL;
+ int rc = 0; /* XXX FIXME: need real return code */
+- int nonewline = 0;
+ int i;
+
+ te = t = xmalloc(BUFSIZ);
+@@ -141,7 +162,6 @@
+
+ if (qva->qva_queryFormat != NULL) {
+ const char * str = queryHeader(h, qva->qva_queryFormat);
+- nonewline = 1;
+ /*@-branchstate@*/
+ if (str) {
+ size_t tb = (te - t);
+@@ -157,6 +177,7 @@
+ /*@=usereleased@*/
+ /*@=boundswrite@*/
+ str = _free(str);
++ flushBuffer(&t, &te, 1);
+ }
+ /*@=branchstate@*/
+ }
+@@ -312,31 +333,13 @@
+ _("package has neither file owner or id lists\n"));
+ }
+ }
+-/*@-branchstate@*/
+- if (te > t) {
+-/*@-boundswrite@*/
+- *te++ = '\n';
+- *te = '\0';
+- rpmMessage(RPMMESS_NORMAL, "%s", t);
+- te = t;
+- *t = '\0';
+-/*@=boundswrite@*/
+- }
+-/*@=branchstate@*/
++ flushBuffer(&t, &te, 0);
+ }
+
+ rc = 0;
+
+ exit:
+- if (te > t) {
+- if (!nonewline) {
+-/*@-boundswrite@*/
+- *te++ = '\n';
+- *te = '\0';
+-/*@=boundswrite@*/
+- }
+- rpmMessage(RPMMESS_NORMAL, "%s", t);
+- }
++ flushBuffer(&t, &te, 0);
+ t = _free(t);
+
+ fi = rpmfiFree(fi);