Fix buffer overflow (bug #337415).

(Portage version: 2.2.0_alpha49/cvs/Linux x86_64)

3 files changed, 56 insertions, 8 deletions

diff --git a/net-analyzer/fwlogwatch/ChangeLog b/net-analyzer/fwlogwatch/ChangeLog
index bfe4e27c29e1..527cb393d30f 100644
--- a/net-analyzer/fwlogwatch/ChangeLog
+++ b/net-analyzer/fwlogwatch/ChangeLog
@@ -1,6 +1,12 @@
 # ChangeLog for net-analyzer/fwlogwatch
-# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fwlogwatch/ChangeLog,v 1.21 2010/11/30 21:02:52 jer Exp $
+# Copyright 1999-2011 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fwlogwatch/ChangeLog,v 1.22 2011/08/01 02:31:27 jer Exp $
+
+*fwlogwatch-1.2-r1 (01 Aug 2011)
+
+  01 Aug 2011; Jeroen Roovers <jer@gentoo.org> -fwlogwatch-1.2.ebuild,
+  +fwlogwatch-1.2-r1.ebuild, +files/fwlogwatch-1.2-overflow.patch:
+  Fix buffer overflow (bug #337415).
 
 *fwlogwatch-1.2 (30 Nov 2010)
 
diff --git a/net-analyzer/fwlogwatch/files/fwlogwatch-1.2-overflow.patch b/net-analyzer/fwlogwatch/files/fwlogwatch-1.2-overflow.patch
new file mode 100644
index 000000000000..8691220a3e47
--- /dev/null
+++ b/net-analyzer/fwlogwatch/files/fwlogwatch-1.2-overflow.patch
@@ -0,0 +1,40 @@
+--- a/response.c
++++ b/response.c
+@@ -117,32 +117,32 @@
+   }
+ 
+   snprintf(buf2, BUFSIZE, " %d %s", this_host->count, inet_ntoa(this_host->shost));
+-  strncat(buf, buf2, BUFSIZE);
++  strncat(buf, buf2, BUFSIZE -1);
+ 
+   if (opt.dst_ip) {
+     snprintf(buf2, BUFSIZE, " %s", inet_ntoa(this_host->dhost));
+-    strncat(buf, buf2, BUFSIZE);
++    strncat(buf, buf2, BUFSIZE -1);
+   } else {
+     strncat(buf, " -", BUFSIZE);
+   }
+ 
+   if (opt.proto) {
+     snprintf(buf2, BUFSIZE, " %d", this_host->protocol);
+-    strncat(buf, buf2, BUFSIZE);
++    strncat(buf, buf2, BUFSIZE -1);
+   } else {
+     strncat(buf, " -", BUFSIZE);
+   }
+ 
+   if (opt.src_port) {
+     snprintf(buf2, BUFSIZE, " %d", this_host->sport);
+-    strncat(buf, buf2, BUFSIZE);
++    strncat(buf, buf2, BUFSIZE -1);
+   } else {
+     strncat(buf, " -", BUFSIZE);
+   }
+ 
+   if (opt.dst_port) {
+     snprintf(buf2, BUFSIZE, " %d", this_host->dport);
+-    strncat(buf, buf2, BUFSIZE);
++    strncat(buf, buf2, BUFSIZE -1);
+   } else {
+     strncat(buf, " -", BUFSIZE);
+   }
diff --git a/net-analyzer/fwlogwatch/fwlogwatch-1.2.ebuild b/net-analyzer/fwlogwatch/fwlogwatch-1.2-r1.ebuild
index 43fddb4e06c5..b3c48086c156 100644
--- a/net-analyzer/fwlogwatch/fwlogwatch-1.2.ebuild
+++ b/net-analyzer/fwlogwatch/fwlogwatch-1.2-r1.ebuild
@@ -1,10 +1,10 @@
-# Copyright 1999-2010 Gentoo Foundation
+# Copyright 1999-2011 Gentoo Foundation
 # Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fwlogwatch/fwlogwatch-1.2.ebuild,v 1.1 2010/11/30 21:02:52 jer Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-analyzer/fwlogwatch/fwlogwatch-1.2-r1.ebuild,v 1.1 2011/08/01 02:31:27 jer Exp $
 
-EAPI="2"
+EAPI="4"
 
-inherit toolchain-funcs eutils
+inherit eutils toolchain-funcs
 
 DESCRIPTION="A packet filter and firewall log analyzer"
 HOMEPAGE="http://fwlogwatch.inside-security.de/"
@@ -16,12 +16,14 @@ SLOT="0"
 IUSE=""
 
 src_prepare() {
-	epatch "${FILESDIR}/${PN}-1.1-make.patch"
+	epatch \
+		"${FILESDIR}"/${PN}-1.1-make.patch \
+		"${FILESDIR}"/${PN}-1.2-overflow.patch
 }
 
 src_compile() {
 	tc-export CC
-	emake || die "emake failed"
+	default
 }
 
 src_install() {