diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2005-09-29 00:27:11 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2005-09-29 00:27:11 +0000 |
| commit | 533bc2f4a7870d2ddb19f5f8a14a02100e6372c2 (patch) | |
| tree | 3997dda207e62b8a70972c33594df2ebf8347031 /app-admin | |
| parent | Make sure we control X11/GL/rle dependencies via USE #107497. (diff) | |
| download | gentoo-2-533bc2f4a7870d2ddb19f5f8a14a02100e6372c2.tar.gz gentoo-2-533bc2f4a7870d2ddb19f5f8a14a02100e6372c2.tar.bz2 gentoo-2-533bc2f4a7870d2ddb19f5f8a14a02100e6372c2.zip | |
Fix by Tavis Ormandy for insecure tempfile usage #104565.
(Portage version: 2.0.52-r1 http://www.bash.org/?136501 )
Diffstat (limited to 'app-admin')
| -rw-r--r-- | app-admin/gtkdiskfree/ChangeLog | 10 | ||||
| -rw-r--r-- | app-admin/gtkdiskfree/files/digest-gtkdiskfree-1.9.3-r1 | 1 | ||||
| -rw-r--r-- | app-admin/gtkdiskfree/files/gtkdiskfree-1.9.3-tempfile.patch | 58 | ||||
| -rw-r--r-- | app-admin/gtkdiskfree/gtkdiskfree-1.9.3-r1.ebuild | 35 |
4 files changed, 102 insertions, 2 deletions
diff --git a/app-admin/gtkdiskfree/ChangeLog b/app-admin/gtkdiskfree/ChangeLog index f8ff6e730c3f..2f1bd6d3f8e7 100644 --- a/app-admin/gtkdiskfree/ChangeLog +++ b/app-admin/gtkdiskfree/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for app-admin/gtkdiskfree -# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-admin/gtkdiskfree/ChangeLog,v 1.16 2005/05/08 14:37:03 herbs Exp $ +# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/gtkdiskfree/ChangeLog,v 1.17 2005/09/29 00:27:11 vapier Exp $ + +*gtkdiskfree-1.9.3-r1 (29 Sep 2005) + + 29 Sep 2005; Mike Frysinger <vapier@gentoo.org> + +files/gtkdiskfree-1.9.3-tempfile.patch, +gtkdiskfree-1.9.3-r1.ebuild: + Fix by Tavis Ormandy for insecure tempfile usage #104565. 08 May 2005; Herbie Hopkins <herbs@gentoo.org> gtkdiskfree-1.9.3.ebuild: Stable on amd64. diff --git a/app-admin/gtkdiskfree/files/digest-gtkdiskfree-1.9.3-r1 b/app-admin/gtkdiskfree/files/digest-gtkdiskfree-1.9.3-r1 new file mode 100644 index 000000000000..64f070a4addc --- /dev/null +++ b/app-admin/gtkdiskfree/files/digest-gtkdiskfree-1.9.3-r1 @@ -0,0 +1 @@ +MD5 66dea9f2cb3bf83e6b45702900a97a03 gtkdiskfree-1.9.3.tar.gz 255448 diff --git a/app-admin/gtkdiskfree/files/gtkdiskfree-1.9.3-tempfile.patch b/app-admin/gtkdiskfree/files/gtkdiskfree-1.9.3-tempfile.patch new file mode 100644 index 000000000000..abfc494f0c13 --- /dev/null +++ b/app-admin/gtkdiskfree/files/gtkdiskfree-1.9.3-tempfile.patch @@ -0,0 +1,58 @@ +Fix insecure tempfile usage + +Patch by Tavis Ormandy + +http://bugs.gentoo.org/104565 + +--- gtkdiskfree-1.9.3/src/mount.c ++++ gtkdiskfree-1.9.3/src/mount.c +@@ -31,41 +31,21 @@ + void + open_cmd_tube (const gchar *cmd, const gchar *mount_point) + { +- gint status; +- gchar error[MAXLINE], *line; +- FILE *sh, *tmp; ++ gchar error[MAXLINE], *line, *status; ++ FILE *sh; + + setbuf(stdout, error); +- line = g_strconcat(cmd, " ", mount_point, " &> ", TUBE_NAME, NULL); ++ line = g_strconcat(cmd, " ", mount_point, " 2>&1", NULL); + sh = popen(line, "r"); + g_free(line); + +- status = pclose(sh); +- +- if (status == 0) { +- remove(TUBE_NAME); +- gui_list_main_update(GTK_TREE_VIEW(list_treeview)); +- +- return; +- } else { +- if ((tmp = fopen(TUBE_NAME, "r")) == NULL) { +- gui_list_main_update(GTK_TREE_VIEW(list_treeview)); +- +- return; +- } +- if (fgets(error, MAXLINE-1, tmp) == NULL) { +- fclose(tmp); +- remove(TUBE_NAME); +- gui_list_main_update(GTK_TREE_VIEW(list_treeview)); +- +- return; +- } +- fclose(tmp); +- remove(TUBE_NAME); ++ status = fgets(error, MAXLINE-1, sh); ++ ++ if (status && (pclose(sh) != 0)) + error_window(error); +- } ++ + gui_list_main_update(GTK_TREE_VIEW(list_treeview)); +- ++ + return; + } + diff --git a/app-admin/gtkdiskfree/gtkdiskfree-1.9.3-r1.ebuild b/app-admin/gtkdiskfree/gtkdiskfree-1.9.3-r1.ebuild new file mode 100644 index 000000000000..a4d4f59110cd --- /dev/null +++ b/app-admin/gtkdiskfree/gtkdiskfree-1.9.3-r1.ebuild @@ -0,0 +1,35 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/app-admin/gtkdiskfree/gtkdiskfree-1.9.3-r1.ebuild,v 1.1 2005/09/29 00:27:11 vapier Exp $ + +inherit eutils + +DESCRIPTION="Graphical tool to show free disk space" +HOMEPAGE="http://gtkdiskfree.tuxfamily.org/" +SRC_URI="http://gtkdiskfree.tuxfamily.org/src_tgz/${P}.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~ppc64 ~x86" +IUSE="nls" + +DEPEND=">=x11-libs/gtk+-2 + >=dev-libs/glib-2 + nls? ( sys-devel/gettext )" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-tempfile.patch #104565 + epatch "${FILESDIR}"/${PV}-makefile-DESTDIR.patch +} + +src_compile() { + econf $(use_enable nls) || die + emake || die "emake failed" +} + +src_install() { + make install DESTDIR="${D}" || die + dodoc AUTHORS ChangeLog NEWS README THANKS TODO +} |