Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/net-misc/whois/files
diff options
context:
space:
mode:
authorMartin Holzer <mholzer@gentoo.org>2003-11-23 00:04:07 +0000
committerMartin Holzer <mholzer@gentoo.org>2003-11-23 00:04:07 +0000
commit47b338626b970baf1b5c0b20b5136f126730a3aa (patch)
tree9926e5d1f4f5b5d1525fda9b38c38725c90b09dc /net-misc/whois/files
parentVersion bumped. Closes #34109. (diff)
downloadgentoo-2-47b338626b970baf1b5c0b20b5136f126730a3aa.tar.gz
gentoo-2-47b338626b970baf1b5c0b20b5136f126730a3aa.tar.bz2
gentoo-2-47b338626b970baf1b5c0b20b5136f126730a3aa.zip
Version bumped. Closes #34109.
Diffstat (limited to 'net-misc/whois/files')
-rw-r--r--net-misc/whois/files/digest-whois-4.6.81
-rw-r--r--net-misc/whois/files/whois-4.6.8-gentoo-security.patch158
2 files changed, 159 insertions, 0 deletions
diff --git a/net-misc/whois/files/digest-whois-4.6.8 b/net-misc/whois/files/digest-whois-4.6.8
new file mode 100644
index 000000000000..85f10e340ab9
--- /dev/null
+++ b/net-misc/whois/files/digest-whois-4.6.8
@@ -0,0 +1 @@
+MD5 c318f9a35d845df1c5804cdef2041cff whois_4.6.8.tar.gz 47376
diff --git a/net-misc/whois/files/whois-4.6.8-gentoo-security.patch b/net-misc/whois/files/whois-4.6.8-gentoo-security.patch
new file mode 100644
index 000000000000..5f92105cf501
--- /dev/null
+++ b/net-misc/whois/files/whois-4.6.8-gentoo-security.patch
@@ -0,0 +1,158 @@
+--- whois.c.orig 2003-09-10 01:21:52.000000000 +0200
++++ whois.c 2003-11-23 01:51:20.000000000 +0100
+@@ -73,7 +73,7 @@
+ /* RIPE flags */
+ if (strchr(ripeflags, ch)) {
+ for (p = fstring; *p; p++);
+- sprintf(p--, "-%c ", ch);
++ snprintf(p--, sizeof(fstring), "-%c ", ch);
+ continue;
+ }
+ if (strchr(ripeflagsp, ch)) {
+@@ -86,7 +86,7 @@
+ /* program flags */
+ switch (ch) {
+ case 'h':
+- server = q = malloc(strlen(optarg) + 1);
++ server = q = xmalloc(strlen(optarg) + 1);
+ for (p = optarg; *p && *p != ':'; *q++ = tolower(*p++));
+ if (*p == ':')
+ port = p + 1;
+@@ -122,7 +122,7 @@
+ usage();
+
+ /* On some systems realloc only works on non-NULL buffers */
+- qstring = malloc(64);
++ qstring = xmalloc(64);
+ *qstring = '\0';
+
+ /* parse other parameters, if any */
+@@ -131,11 +131,11 @@
+
+ while (1) {
+ qslen += strlen(*argv) + 1 + 1;
+- qstring = realloc(qstring, qslen);
+- strcat(qstring, *argv++);
++ qstring = xrealloc(qstring, qslen);
++ strncat(qstring, *argv++, qslen-1);
+ if (argc == 1)
+ break;
+- strcat(qstring, " ");
++ strncat(qstring, " ", qslen);
+ argc--;
+ }
+ }
+@@ -401,10 +401,12 @@
+ {
+ char *buf;
+ int i, isripe = 0;
++ int buflen = 0;
+
+ /* +2 for \r\n; +1 for NULL */
+- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4
+- + 2 + 1);
++ buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1);
++ buf = xmalloc(buflen);
++
+ *buf = '\0';
+ for (i = 0; ripe_servers[i]; i++)
+ if (strcmp(server, ripe_servers[i]) == 0) {
+@@ -426,21 +428,21 @@
+ if (*flags) {
+ if (!isripe && strcmp(server, "whois.corenic.net") != 0)
+ puts(_("Warning: RIPE flags used with a traditional server."));
+- strcat(buf, flags);
++ strncat(buf, flags, buflen);
+ }
+ /* FIXME: /e is not applied to .JP ASN */
+ if (!isripe && (strcmp(server, "whois.nic.mil") == 0 ||
+ strcmp(server, "whois.nic.ad.jp") == 0) &&
+ strncasecmp(query, "AS", 2) == 0 && isasciidigit(query[2]))
+- sprintf(buf, "AS %s", query + 2); /* fix query for DDN */
++ snprintf(buf, buflen, "AS %s", query + 2); /* fix query for DDN */
+ else if (!isripe && strcmp(server, "whois.nic.ad.jp") == 0) {
+ char *lang = getenv("LANG"); /* not a perfect check, but... */
+ if (!lang || (strncmp(lang, "ja", 2) != 0))
+- sprintf(buf, "%s/e", query); /* ask for english text */
++ snprintf(buf, buflen, "%s/e", query); /* ask for english text */
+ else
+- strcat(buf, query);
++ strncat(buf, query, buflen);
+ } else
+- strcat(buf, query);
++ strncat(buf, query, buflen);
+ return buf;
+ }
+
+@@ -483,7 +485,7 @@
+
+ if (verb)
+ printf(_("Detected referral to %s on %s.\n"), nq, nh);
+- strcat(nq, "\r\n");
++ strncat(nq, "\r\n", sizeof(nq));
+ fd = openconn(nh, np);
+ do_query(fd, nq);
+ continue;
+@@ -509,7 +511,7 @@
+ FILE *fi;
+ int state = 0;
+
+- temp = malloc(strlen(query) + 1 + 2 + 1);
++ temp = xmalloc(strlen(query) + 1 + 2 + 1);
+ *temp = '=';
+ strcpy(temp + 1, query);
+ strcat(temp, "\r\n");
+@@ -527,7 +529,7 @@
+
+ for (p = buf; *p != ':'; p++); /* skip until colon */
+ for (p++; *p == ' '; p++); /* skip colon and spaces */
+- ret = malloc(strlen(p) + 1);
++ ret = xmalloc(strlen(p) + 1);
+ for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++)
+ ; /*copy data*/
+ *q = '\0';
+@@ -572,7 +574,7 @@
+ for (p = buf; *p != ':'; p++); /* skip until colon */
+ for (p++; *p != ':'; p++); /* skip until 2nd colon */
+ for (p++; *p == ' '; p++); /* skip colon and spaces */
+- ret = malloc(strlen(p) + 1);
++ ret = xmalloc(strlen(p) + 1);
+ for (q = ret; *p != '\n' && *p != '\r'; *q++ = *p++); /*copy data*/
+ *q = '\0';
+ state = 2;
+@@ -726,6 +728,24 @@
+ exit(0);
+ }
+
++/* Memory allocation routines */
++void *xmalloc(size_t size)
++{
++ void *ptr;
++
++ if ((ptr = malloc(size)) == NULL)
++ err_sys("malloc");
++
++ return ptr;
++}
++
++void *xrealloc(void *ptr, size_t size)
++{
++ if ((ptr = realloc(ptr, size)) == NULL)
++ err_sys("realloc");
++
++ return ptr;
++}
+
+ /* Error routines */
+ void err_sys(const char *fmt, ...)
+--- whois.h.orig 2003-11-23 01:58:01.000000000 +0100
++++ whois.h 2003-11-23 01:58:52.000000000 +0100
+@@ -23,6 +23,8 @@
+ int domfind(const char *, const char *[]);
+ char *normalize_domain(const char *);
+
++void *xmalloc(size_t);
++void *xrealloc(void *, size_t);
+ void err_quit(const char *,...);
+ void err_sys(const char *,...);
+