packages: tar/tar.spec, tar/tar-fortifysourcessigabrt.patch (NEW) - prevent...

Mon Apr 26 17:22:58 CEST 2010

Author: draenog                      Date: Mon Apr 26 15:22:58 2010 GMT
Module: packages                      Tag: HEAD
---- Log message:
- prevent sigabrt with fortified sources (taken from Fedora)

---- Files affected:
packages/tar:
   tar.spec (1.124 -> 1.125) , tar-fortifysourcessigabrt.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/tar/tar.spec
diff -u packages/tar/tar.spec:1.124 packages/tar/tar.spec:1.125

--- packages/tar/tar.spec:1.124	Mon Apr 26 16:04:29 2010
+++ packages/tar/tar.spec	Mon Apr 26 17:22:53 2010
@@ -12,7 +12,7 @@
 Summary(tr.UTF-8):	Yaygın kullanılan yedekleyici
 Name:		tar
 Version:	1.23
-Release:	3
+Release:	4
 Epoch:		1
 License:	GPL v3+
 Group:		Applications/Archiving
@@ -26,6 +26,7 @@
 Patch3:		%{name}-pl.po-update.patch
 Patch4:		%{name}-zero-block.patch
 Patch5:		am-nosilentrules.patch
+Patch6:		%{name}-fortifysourcessigabrt.patch
 URL:		http://www.gnu.org/software/tar/tar.html
 BuildRequires:	autoconf >= 2.60
 BuildRequires:	automake >= 1:1.9
@@ -148,6 +149,7 @@
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1
 
 %{__rm} po/stamp-po
 
@@ -214,6 +216,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.125  2010/04/26 15:22:53  draenog
+- prevent sigabrt with fortified sources (taken from Fedora)
+
 Revision 1.124  2010/04/26 14:04:29  arekm
 - release 3
 

================================================================
Index: packages/tar/tar-fortifysourcessigabrt.patch
diff -u /dev/null packages/tar/tar-fortifysourcessigabrt.patch:1.1
--- /dev/null	Mon Apr 26 17:22:58 2010
+++ packages/tar/tar-fortifysourcessigabrt.patch	Mon Apr 26 17:22:53 2010
@@ -0,0 +1,32 @@
+diff -urNp tar-1.22-orig/src/create.c tar-1.22/src/create.c
+--- tar-1.22-orig/src/create.c	2009-07-09 18:38:37.000000000 +0200
++++ tar-1.22/src/create.c	2009-07-09 18:43:44.000000000 +0200
+@@ -578,7 +578,10 @@ write_gnu_long_link (struct tar_stat_inf
+   GNAME_TO_CHARS (tmpname, header->header.gname);
+   free (tmpname);
+ 
+-  strcpy (header->header.magic, OLDGNU_MAGIC);
++  /* OLDGNU_MAGIC is string with 7 chars + NULL */
++  strncpy (header->header.magic, OLDGNU_MAGIC, sizeof(header->header.magic));
++  strncpy (header->header.version, OLDGNU_MAGIC+sizeof(header->header.magic),
++           sizeof(header->header.version));
+   header->header.typeflag = type;
+   finish_header (st, header, -1);
+ 
+@@ -908,9 +911,13 @@ start_header (struct tar_stat_info *st)
+       break;
+ 
+     case OLDGNU_FORMAT:
+-    case GNU_FORMAT:   /*FIXME?*/
+-      /* Overwrite header->header.magic and header.version in one blow.  */
+-      strcpy (header->header.magic, OLDGNU_MAGIC);
++    case GNU_FORMAT:
++      /* OLDGNU_MAGIC is string with 7 chars + NULL */
++      strncpy (header->header.magic, OLDGNU_MAGIC,
++               sizeof(header->header.magic));
++      strncpy (header->header.version,
++               OLDGNU_MAGIC+sizeof(header->header.magic),
++               sizeof(header->header.version));
+       break;
+ 
+     case POSIX_FORMAT:
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/tar/tar.spec?r1=1.124&r2=1.125&f=u

