Hello community,
here is the log from the commit of package lockdev for openSUSE:Factory
checked in at Sun Apr 25 18:50:59 CEST 2010.
--------
--- lockdev/lockdev.changes 2010-03-15 11:47:21.000000000 +0100
+++ /mounts/work_src_done/STABLE/lockdev/lockdev.changes 2010-04-23 11:39:13.000000000 +0200
@@ -1,0 +2,6 @@
+Fri Apr 23 09:38:11 UTC 2010 - lnussel@suse.de
+
+- remove baudboy.h
+- fix potential buffer overflow (bnc#588325)
+
+-------------------------------------------------------------------
calling whatdependson for head-i586
New:
----
lockdev-drop-baudboy.h.diff
lockdev-fix-implicit-declarations.diff
lockdev-reserve-some-space-to-avoid-buffer-overflow.diff
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lockdev.spec ++++++
--- /var/tmp/diff_new_pack.sWTdqh/_old 2010-04-25 18:50:45.000000000 +0200
+++ /var/tmp/diff_new_pack.sWTdqh/_new 2010-04-25 18:50:45.000000000 +0200
@@ -21,12 +21,15 @@
Name: lockdev
Summary: A library for locking devices
Version: 1.0.3_git201003141408
-Release: 1
+Release: 2
License: LGPLv2
Group: System/Base
Url: http://packages.debian.org/unstable/source/lockdev
#Source0: http://ftp.debian.org/debian/pool/main/l/lockdev/%{name}_%{version}.orig.tar.gz
Source0: http://ftp.debian.org/debian/pool/main/l/lockdev/%{name}-%{version}.tar.bz2
+Patch0: lockdev-drop-baudboy.h.diff
+Patch1: lockdev-fix-implicit-declarations.diff
+Patch2: lockdev-reserve-some-space-to-avoid-buffer-overflow.diff
#
Requires(pre): pwdutils permissions
BuildRoot: %{_tmppath}/%{name}-%{version}-build
@@ -64,6 +67,9 @@
%prep
%setup -q
+%patch0 -p1
+%patch1 -p1
+%patch2 -p1
%build
cat > VERSION < From 150afc7a1ea6318a0bb411d47944bbd62f13c6cb Mon Sep 17 00:00:00 2001
From: Ludwig Nussel whether or not a helper is needed to lock devices needs to be
defined by the distribution at build time. It's transparent to
applications that use the ttylock interface.
---
configure.ac | 15 +++++++++++++++
src/Makefile.am | 2 +-
src/baudboy.h | 42 ------------------------------------------
src/baudboy_test.c | 1 -
src/lockdev.c | 25 ++++++++-----------------
5 files changed, 24 insertions(+), 61 deletions(-)
delete mode 100644 src/baudboy.h
diff --git a/configure.ac b/configure.ac
index 533e228..b0f0608 100644
--- a/configure.ac
+++ b/configure.ac
@@ -40,6 +40,21 @@ AC_HEADER_STDC
LT_INIT([disable-static])
+AC_MSG_CHECKING([whether the library needs to call a helper])
+AC_ARG_ENABLE(helper,AS_HELP_STRING([--enable-helper],[use helper binary for locking]),,enable_helper=auto)
+if test x$enable_helper = xauto; then
+ varlockperms=`stat -c %a /var/lock`
+ if test x"$varlockperms" != x777; then
+ enable_helper=yes
+ fi
+fi
+if test x$enable_helper = xyes; then
+ AC_MSG_RESULT([yes])
+ AC_DEFINE_UNQUOTED([TTYLOCK_USE_HELPER], 1, [set to 1 to enable use of helper binary])
+else
+ AC_MSG_RESULT([no])
+fi
+
dnl check if user wants debug
AC_MSG_CHECKING([whether to enable debug output])
AC_ARG_ENABLE(debug,AS_HELP_STRING([--enable-debug],[turn on debugging code]),,enable_debug=no)
diff --git a/src/Makefile.am b/src/Makefile.am
index a5b31e3..85aa3a7 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -1,7 +1,7 @@
sbin_PROGRAMS = lockdev
noinst_PROGRAMS = baudboy
-include_HEADERS = lockdev.h baudboy.h ttylock.h
+include_HEADERS = lockdev.h ttylock.h
AM_CPPFLAGS = -include $(top_builddir)/config.h -DSBINDIR=\"$(sbindir)\"
diff --git a/src/baudboy.h b/src/baudboy.h
deleted file mode 100644
index 6e41afd..0000000
--- a/src/baudboy.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/* Copyright (C) 2001 Red Hat, Inc.
-
- This library is free software; you can redistribute it and/or
- modify it under the terms of the GNU Lesser General Public License
- as published by the Free Software Foundation; either version 2 of
- the License, or (at your option) any later version.
-
- It is distributed in the hope that it will be useful, but WITHOUT
- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
- or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser General
- Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public
- License along with this software; if not, write to the Free
- Software Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
- 02111-1307 USA. */
-
-
-#ifndef _BAUDBOY_H_
-#define _BAUDBOY_H_
-
-#ifdef __cplusplus
-extern "C" {
-#endif
-
-int ttylock_helper (const char * devname);
-int ttywait_helper (const char * devname);
-int ttyunlock_helper (const char * devname);
-int ttylocked_helper (const char * devname);
-
-#ifndef _LIBLOCKDEV_NO_BAUDBOY_DEFINES
-#define ttylock(devname) ttylock_helper(devname)
-#define ttywait(devname) ttywait_helper(devname)
-#define ttyunlock(devname) ttyunlock_helper(devname)
-#define ttylocked(devname) ttylocked_helper(devname)
-#endif
-
-#ifdef __cplusplus
-};
-#endif
-
-#endif /* _BAUDBOY_H_ */
diff --git a/src/baudboy_test.c b/src/baudboy_test.c
index 768e260..e481270 100644
--- a/src/baudboy_test.c
+++ b/src/baudboy_test.c
@@ -8,7 +8,6 @@
#include From 720422dd2fd0080ecd9c32cdbe1068c0649f632a Mon Sep 17 00:00:00 2001
From: Ludwig Nussel ---
src/baudboy_test.c | 1 +
src/sample.c | 2 ++
2 files changed, 3 insertions(+), 0 deletions(-)
diff --git a/src/baudboy_test.c b/src/baudboy_test.c
index e481270..afecb15 100644
--- a/src/baudboy_test.c
+++ b/src/baudboy_test.c
@@ -8,6 +8,7 @@
#include From 7e31caa61b5f839e7b2c3f4c45dcbba925f37d32 Mon Sep 17 00:00:00 2001
From: Ludwig Nussel this should really be handled by the _dl_filename_* functions
---
src/lockdev.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/lockdev.c b/src/lockdev.c
index 88305e9..84c0902 100644
--- a/src/lockdev.c
+++ b/src/lockdev.c
@@ -488,7 +488,7 @@ _dl_check_devname (const char *devname)
}
if ( strcmp( p, "tty") == 0 )
p = ttyname( 0); /* this terminal, if it exists */
- if (((l = strlen(p)) == 0) || (l > (MAXPATHLEN - strlen(LOCK_PATH))))
+ if (((l = strlen(p)) == 0) || (l > (MAXPATHLEN - strlen(LOCK_PATH) - 10)))
return NULL;
if ((m = malloc(++l)) == NULL)
return NULL;
--
1.6.4.2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Remember to have fun...
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org