Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status
summaryrefslogtreecommitdiff
path: root/app-dicts/wordnet
diff options
context:
space:
mode:
authorPeter Volkov <pva@gentoo.org>2008-09-10 06:57:39 +0000
committerPeter Volkov <pva@gentoo.org>2008-09-10 06:57:39 +0000
commitfd8d84a8e01bbb69753839d79551152b4aa68e4f (patch)
tree9caa25d3dbec0f127e120883a2802b18ac24e1b0 /app-dicts/wordnet
parentUpstream moved ifxetex to latexrecommended, so do we; this fixes some problem... (diff)
downloadgentoo-2-fd8d84a8e01bbb69753839d79551152b4aa68e4f.tar.gz
gentoo-2-fd8d84a8e01bbb69753839d79551152b4aa68e4f.tar.bz2
gentoo-2-fd8d84a8e01bbb69753839d79551152b4aa68e4f.zip
Appling fix for security issue, bug #211491, thank Jukka Ruohonen for report and Robert Buchholz for pointing to patch. Remove old.
(Portage version: 2.2_rc8/cvs/Linux 2.6.25-gentoo-r7 i686)
Diffstat (limited to 'app-dicts/wordnet')
-rw-r--r--app-dicts/wordnet/ChangeLog14
-rw-r--r--app-dicts/wordnet/files/Makefiles.diff65
-rw-r--r--app-dicts/wordnet/files/Wordnet-2.1-compile-fix-new.patch11
-rw-r--r--app-dicts/wordnet/files/Wordnet-2.1-dict-location.patch11
-rw-r--r--app-dicts/wordnet/files/wordnet-3.0-CVE-2008-3908.patch732
-rw-r--r--app-dicts/wordnet/wordnet-2.0.ebuild35
-rw-r--r--app-dicts/wordnet/wordnet-2.1.ebuild40
-rw-r--r--app-dicts/wordnet/wordnet-3.0-r1.ebuild61
8 files changed, 805 insertions, 164 deletions
diff --git a/app-dicts/wordnet/ChangeLog b/app-dicts/wordnet/ChangeLog
index d42083220854..6c7a6fb173f0 100644
--- a/app-dicts/wordnet/ChangeLog
+++ b/app-dicts/wordnet/ChangeLog
@@ -1,6 +1,16 @@
# ChangeLog for app-dicts/wordnet
-# Copyright 2002-2007 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/app-dicts/wordnet/ChangeLog,v 1.14 2007/10/22 16:42:18 cla Exp $
+# Copyright 2002-2008 Gentoo Foundation; Distributed under the GPL v2
+# $Header: /var/cvsroot/gentoo-x86/app-dicts/wordnet/ChangeLog,v 1.15 2008/09/10 06:57:39 pva Exp $
+
+*wordnet-3.0-r1 (10 Sep 2008)
+
+ 10 Sep 2008; Peter Volkov <pva@gentoo.org>
+ -files/Wordnet-2.1-compile-fix-new.patch,
+ -files/Wordnet-2.1-dict-location.patch,
+ +files/wordnet-3.0-CVE-2008-3908.patch, -files/Makefiles.diff,
+ -wordnet-2.0.ebuild, -wordnet-2.1.ebuild, +wordnet-3.0-r1.ebuild:
+ Appling fix for security issue, bug #211491, thank Jukka Ruohonen for
+ report and Robert Buchholz for pointing to patch. Remove old.
22 Oct 2007; Dawid Węgliński <cla@gentoo.org> wordnet-3.0.ebuild:
Stable on x86 (bug #73107)
diff --git a/app-dicts/wordnet/files/Makefiles.diff b/app-dicts/wordnet/files/Makefiles.diff
deleted file mode 100644
index 779968d3522b..000000000000
--- a/app-dicts/wordnet/files/Makefiles.diff
+++ /dev/null
@@ -1,65 +0,0 @@
-diff -r -u WordNet-2.0/Makefile /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/Makefile
---- WordNet-2.0/Makefile 2003-06-16 09:09:25.000000000 -0700
-+++ /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/Makefile 2003-12-04 21:46:36.000000000 -0800
-@@ -118,10 +118,10 @@
- CC = gcc
-
- # Use this for Solaris
--LOCAL_LDFLAGS = -R/usr/openwin/lib:/usr/lib:/usr/local/lib
-+#LOCAL_LDFLAGS = -R/usr/openwin/lib:/usr/lib:/usr/local/lib
-
- # Use this for Irix and Linux
--#LOCAL_LDFLAGS =
-+LOCAL_LDFLAGS = -L/usr/X11R6/lib
-
- # "UNIX" must be defined for things to compile...
-
-@@ -178,7 +178,7 @@
-
- # Libraries needed for Linux
-
--#WNB_LIBS = -ltk -ltcl -lX11 -lm -lnsl -ldl -lpthread
-+WNB_LIBS = -ltk -ltcl -lX11 -lm -lnsl -ldl -lpthread
-
- ###### Finally, the "make" targets ######
-
-diff -r -u WordNet-2.0/include/wnconsts.h /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/include/wnconsts.h
---- WordNet-2.0/include/wnconsts.h 2003-06-16 08:49:43.000000000 -0700
-+++ /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/include/wnconsts.h 2003-12-04 21:45:47.000000000 -0800
-@@ -16,8 +16,8 @@
-
- #ifdef UNIX
- #define DICTDIR "/dict"
--#define DEFAULTPATH "/usr/local/WordNet-2.0/dict"
--#define DEFAULTBIN "/usr/local/WordNet-2.0/bin"
-+#define DEFAULTPATH "/usr/share/wordnet/dict"
-+#define DEFAULTBIN "/usr/bin"
- #define DATAFILE "%s/data.%s"
- #define INDEXFILE "%s/index.%s"
- #define SENSEIDXFILE "%s/index.sense"
-diff -r -u WordNet-2.0/src/include/wnconsts.h /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/src/include/wnconsts.h
---- WordNet-2.0/src/include/wnconsts.h 2003-06-16 08:49:43.000000000 -0700
-+++ /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/src/include/wnconsts.h 2003-12-04 21:45:47.000000000 -0800
-@@ -16,8 +16,8 @@
-
- #ifdef UNIX
- #define DICTDIR "/dict"
--#define DEFAULTPATH "/usr/local/WordNet-2.0/dict"
--#define DEFAULTBIN "/usr/local/WordNet-2.0/bin"
-+#define DEFAULTPATH "/usr/share/wordnet/dict"
-+#define DEFAULTBIN "/usr/bin"
- #define DATAFILE "%s/data.%s"
- #define INDEXFILE "%s/index.%s"
- #define SENSEIDXFILE "%s/index.sense"
-diff -r -u WordNet-2.0/src/wnb/wnb /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/src/wnb/wnb
---- WordNet-2.0/src/wnb/wnb 2003-08-01 07:20:42.000000000 -0700
-+++ /var/tmp/portage/wordnet-2.0-r1/work/WordNet-2.0/src/wnb/wnb 2003-12-04 21:45:47.000000000 -0800
-@@ -97,7 +97,7 @@
- set labonly 0
- if {$tcl_platform(platform) == "unix"} {
- if {[lsearch -exact [array names env] WNHOME] == -1} {
-- set resourcedir "/usr/local/WordNet-2.0/lib/wnres"
-+ set resourcedir "/usr/lib/wnres"
- } else {
- set resourcedir "$env(WNHOME)/lib/wnres"
- }
diff --git a/app-dicts/wordnet/files/Wordnet-2.1-compile-fix-new.patch b/app-dicts/wordnet/files/Wordnet-2.1-compile-fix-new.patch
deleted file mode 100644
index 845537d1107c..000000000000
--- a/app-dicts/wordnet/files/Wordnet-2.1-compile-fix-new.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- src/stubs.c~ 2005-07-06 20:49:05.000000000 +0200
-+++ src/stubs.c 2006-02-06 17:43:05.000000000 +0100
-@@ -14,8 +14,6 @@
- #include <tk.h>
- #include <wn.h>
-
--static Id = "$Id: stubs.c,v 1.7 2005/04/29 19:01:57 wn Exp $";
--
- static char resultbuf[SEARCHBUF];
-
- #ifndef HAVE_LANGINFO_CODESET
diff --git a/app-dicts/wordnet/files/Wordnet-2.1-dict-location.patch b/app-dicts/wordnet/files/Wordnet-2.1-dict-location.patch
deleted file mode 100644
index a2f834a4da85..000000000000
--- a/app-dicts/wordnet/files/Wordnet-2.1-dict-location.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- WordNet-2.1/include/wn.h 2005-07-06 14:48:44.000000000 -0400
-+++ /var/tmp/portage/wordnet-2.1/work/WordNet-2.1/include/wn.h 2006-01-09 19:31:15.000000000 -0500
-@@ -30,7 +30,7 @@
- #define CNTLISTFILE "%s\\cntlist.rev"
- #else
- #define DICTDIR "/dict"
--#define DEFAULTPATH "/usr/local/WordNet-2.1/dict"
-+#define DEFAULTPATH "/usr/dict"
- #define DATAFILE "%s/data.%s"
- #define INDEXFILE "%s/index.%s"
- #define SENSEIDXFILE "%s/index.sense"
diff --git a/app-dicts/wordnet/files/wordnet-3.0-CVE-2008-3908.patch b/app-dicts/wordnet/files/wordnet-3.0-CVE-2008-3908.patch
new file mode 100644
index 000000000000..de430c3ea302
--- /dev/null
+++ b/app-dicts/wordnet/files/wordnet-3.0-CVE-2008-3908.patch
@@ -0,0 +1,732 @@
+diff --git a/lib/binsrch.c b/lib/binsrch.c
+index 85436f3..8b71216 100644
+--- a/lib/binsrch.c
++++ b/lib/binsrch.c
+@@ -28,7 +28,7 @@ char *read_index(long offset, FILE *fp) {
+ char *linep;
+
+ linep = line;
+- line[0] = '0';
++ line[0] = '\0';
+
+ fseek( fp, offset, SEEK_SET );
+ fgets(linep, LINE_LEN, fp);
+@@ -58,6 +58,8 @@ char *bin_search(char *searchkey, FILE *fp)
+ last_bin_search_offset = ftell( fp );
+ fgets(linep, LINE_LEN, fp);
+ length = (int)(strchr(linep, ' ') - linep);
++ if (length > (sizeof(key) - 1))
++ return(NULL);
+ strncpy(key, linep, length);
+ key[length] = '\0';
+ if(strcmp(key, searchkey) < 0) {
+@@ -110,6 +112,8 @@ static int bin_search_key(char *searchkey, FILE *fp)
+ line[length++] = c;
+ if (getc(fp) == EOF) { /* only 1 line in file */
+ length = (int)(strchr(linep, ' ') - linep);
++ if (length > (sizeof(key) - 1))
++ return(0);
+ strncpy(key, linep, length);
+ key[length] = '\0';
+ if(strcmp(key, searchkey) > 0) {
+@@ -132,6 +136,8 @@ static int bin_search_key(char *searchkey, FILE *fp)
+ if (fgets(linep, LINE_LEN, fp) != NULL) {
+ offset2 = ftell(fp); /* offset at start of next line */
+ length = (int)(strchr(linep, ' ') - linep);
++ if (length > (sizeof(key) - 1))
++ return(0);
+ strncpy(key, linep, length);
+ key[length] = '\0';
+ if(strcmp(key, searchkey) < 0) { /* further in file */
+diff --git a/lib/morph.c b/lib/morph.c
+index 0cff594..ea4b4f8 100644
+--- a/lib/morph.c
++++ b/lib/morph.c
+@@ -51,24 +51,24 @@ static struct {
+ char *str;
+ int strlen;
+ } prepositions[NUMPREPS] = {
+- "to", 2,
+- "at", 2,
+- "of", 2,
+- "on", 2,
+- "off", 3,
+- "in", 2,
+- "out", 3,
+- "up", 2,
+- "down", 4,
+- "from", 4,
+- "with", 4,
+- "into", 4,
+- "for", 3,
+- "about", 5,
+- "between", 7,
++ { "to", 2 },
++ { "at", 2 },
++ { "of", 2 },
++ { "on", 2 },
++ { "off", 3 },
++ { "in", 2 },
++ { "out", 3 },
++ { "up", 2 },
++ { "down", 4 },
++ { "from", 4 },
++ { "with", 4 },
++ { "into", 4 },
++ { "for", 3 },
++ { "about", 5 },
++ { "between", 7 }
+ };
+
+-static FILE *exc_fps[NUMPARTS + 1];
++static FILE *exc_fps[NUMPARTS];
+
+ static int do_init();
+ static int strend(char *, char *);
+@@ -100,7 +100,7 @@ int re_morphinit(void)
+ {
+ int i;
+
+- for (i = 1; i <= NUMPARTS; i++) {
++ for (i = 0; i < NUMPARTS; i++) {
+ if (exc_fps[i] != NULL) {
+ fclose(exc_fps[i]); exc_fps[i] = NULL;
+ }
+@@ -144,18 +144,19 @@ static int do_init(void)
+ } else
+ sprintf(searchdir, DEFAULTPATH);
+ #else
+- if ((env = getenv("WNSEARCHDIR")) != NULL)
+- strcpy(searchdir, env);
+- else if ((env = getenv("WNHOME")) != NULL)
+- sprintf(searchdir, "%s%s", env, DICTDIR);
+- else
++ if ((env = getenv("WNSEARCHDIR")) != NULL) {
++ snprintf(searchdir, sizeof(searchdir), "%s", env);
++ } else if ((env = getenv("WNHOME")) != NULL) {
++ snprintf(searchdir, sizeof(searchdir), "%s%s", env, DICTDIR);
++ } else {
+ strcpy(searchdir, DEFAULTPATH);
++ }
+ #endif
+
+- for (i = 1; i <= NUMPARTS; i++) {
+- sprintf(fname, EXCFILE, searchdir, partnames[i]);
++ for (i = 0; i < NUMPARTS; i++) {
++ snprintf(fname, sizeof(fname), EXCFILE, searchdir, partnames[i+1]);
+ if ((exc_fps[i] = fopen(fname, "r")) == NULL) {
+- sprintf(msgbuf,
++ snprintf(msgbuf, sizeof(msgbuf),
+ "WordNet library error: Can't open exception file(%s)\n\n",
+ fname);
+ display_message(msgbuf);
+@@ -178,13 +179,16 @@ char *morphstr(char *origstr, int pos)
+ int prep;
+ char *end_idx1, *end_idx2;
+ char *append;
+-
++
+ if (pos == SATELLITE)
+ pos = ADJ;
+
+ /* First time through for this string */
+
+ if (origstr != NULL) {
++ if (strlen(origstr) > WORDBUF - 1)
++ return(NULL);
++
+ /* Assume string hasn't had spaces substitued with '_' */
+ strtolower(strsubst(strcpy(str, origstr), ' ', '_'));
+ searchstr[0] = '\0';
+@@ -232,7 +236,7 @@ char *morphstr(char *origstr, int pos)
+ if (end_idx < 0) return(NULL); /* shouldn't do this */
+ strncpy(word, str + st_idx, end_idx - st_idx);
+ word[end_idx - st_idx] = '\0';
+- if(tmp = morphword(word, pos))
++ if ((tmp = morphword(word, pos)) != NULL)
+ strcat(searchstr,tmp);
+ else
+ strcat(searchstr,word);
+@@ -240,7 +244,7 @@ char *morphstr(char *origstr, int pos)
+ st_idx = end_idx + 1;
+ }
+
+- if(tmp = morphword(strcpy(word, str + st_idx), pos))
++ if ((tmp = morphword(strcpy(word, str + st_idx), pos)) != NULL)
+ strcat(searchstr,tmp);
+ else
+ strcat(searchstr,word);
+@@ -270,16 +274,15 @@ char *morphword(char *word, int pos)
+ {
+ int offset, cnt;
+ int i;
+- static char retval[WORDBUF];
+- char *tmp, tmpbuf[WORDBUF], *end;
+-
+- sprintf(retval,"");
+- sprintf(tmpbuf, "");
+- end = "";
+-
++ static char retval[WORDBUF] = "";
++ char *tmp, tmpbuf[WORDBUF] = "", *end = "";
++
+ if(word == NULL)
+ return(NULL);
+
++ if (strlen(word) > WORDBUF - 1)
++ return(NULL);
++
+ /* first look for word on exception list */
+
+ if((tmp = exc_lookup(word, pos)) != NULL)
+@@ -335,7 +338,10 @@ static char *wordbase(char *word, int ender)
+ {
+ char *pt1;
+ static char copy[WORDBUF];
+-
++
++ if (strlen(word) > WORDBUF - 1)
++ return(NULL);
++
+ strcpy(copy, word);
+ if(strend(copy,sufx[ender])) {
+ pt1=strchr(copy,'\0');
+@@ -368,13 +374,14 @@ static char *exc_lookup(char *word, int pos)
+ {
+ static char line[WORDBUF], *beglp, *endlp;
+ char *excline;
+- int found = 0;
+
+ if (exc_fps[pos] == NULL)
+ return(NULL);
+
+ /* first time through load line from exception file */
+ if(word != NULL){
++ if (strlen(word) > WORDBUF - 1)
++ return(NULL);
+ if ((excline = bin_search(word, exc_fps[pos])) != NULL) {
+ strcpy(line, excline);
+ endlp = strchr(line,' ');
+@@ -403,6 +410,9 @@ static char *morphprep(char *s)
+ char word[WORDBUF], end[WORDBUF];
+ static char retval[WORDBUF];
+
++ if (strlen(s) > WORDBUF - 1)
++ return (NULL);
++
+ /* Assume that the verb is the first word in the phrase. Strip it
+ off, check for validity, then try various morphs with the
+ rest of the phrase tacked on, trying to find a match. */
+@@ -410,7 +420,7 @@ static char *morphprep(char *s)
+ rest = strchr(s, '_');
+ last = strrchr(s, '_');
+ if (rest != last) { /* more than 2 words */
+- if (lastwd = morphword(last + 1, NOUN)) {
++ if ((lastwd = morphword(last + 1, NOUN)) != NULL) {
+ strncpy(end, rest, last - rest + 1);
+ end[last-rest+1] = '\0';
+ strcat(end, lastwd);
+diff --git a/lib/search.c b/lib/search.c
+index 1cdedc3..bc781cd 100644
+--- a/lib/search.c
++++ b/lib/search.c
+@@ -13,6 +13,7 @@
+ #include <stdlib.h>
+ #include <string.h>
+ #include <assert.h>
++#include <limits.h>
+
+ #include "wn.h"
+
+@@ -119,33 +120,22 @@ IndexPtr parse_index(long offset, int dbase, char *line) {
+ if ( !line )
+ line = read_index( offset, indexfps[dbase] );
+
+- idx = (IndexPtr)malloc(sizeof(Index));
++ idx = (IndexPtr)calloc(1, sizeof(Index));
+ assert(idx);
+
+ /* set offset of entry in index file */
+ idx->idxoffset = offset;
+
+- idx->wd='\0';
+- idx->pos='\0';
+- idx->off_cnt=0;
+- idx->tagged_cnt = 0;
+- idx->sense_cnt=0;
+- idx->offset='\0';
+- idx->ptruse_cnt=0;
+- idx->ptruse='\0';
+-
+ /* get the word */
+ ptrtok=strtok(line," \n");
+
+- idx->wd = malloc(strlen(ptrtok) + 1);
++ idx->wd = strdup(ptrtok);
+ assert(idx->wd);
+- strcpy(idx->wd, ptrtok);
+
+ /* get the part of speech */
+ ptrtok=strtok(NULL," \n");
+- idx->pos = malloc(strlen(ptrtok) + 1);
++ idx->pos = strdup(ptrtok);
+ assert(idx->pos);
+- strcpy(idx->pos, ptrtok);
+
+ /* get the collins count */
+ ptrtok=strtok(NULL," \n");
+@@ -154,7 +144,12 @@ IndexPtr parse_index(long offset, int dbase, char *line) {
+ /* get the number of pointers types */
+ ptrtok=strtok(NULL," \n");
+ idx->ptruse_cnt = atoi(ptrtok);
+-
++
++ if (idx->ptruse_cnt < 0 || (unsigned int)idx->ptruse_cnt > UINT_MAX/sizeof(int)) {
++ free_index(idx);
++ return(NULL);
++ }
++
+ if (idx->ptruse_cnt) {
+ idx->ptruse = (int *) malloc(idx->ptruse_cnt * (sizeof(int)));
+ assert(idx->ptruse);
+@@ -173,9 +168,14 @@ IndexPtr parse_index(long offset, int dbase, char *line) {
+ /* get the number of senses that are tagged */
+ ptrtok=strtok(NULL," \n");
+ idx->tagged_cnt = atoi(ptrtok);
+-
++
++ if (idx->off_cnt < 0 || (unsigned long)idx->off_cnt > ULONG_MAX/sizeof(long)) {
++ free_index(idx);
++ return(NULL);
++ }
++
+ /* make space for the offsets */
+- idx->offset = (long *) malloc(idx->off_cnt * (sizeof(long)));
++ idx->offset = (unsigned long *) malloc(idx->off_cnt * sizeof(long));
+ assert(idx->offset);
+
+ /* get the offsets */
+@@ -197,15 +197,21 @@ IndexPtr getindex(char *searchstr, int dbase)
+ char strings[MAX_FORMS][WORDBUF]; /* vector of search strings */
+ static IndexPtr offsets[MAX_FORMS];
+ static int offset;
+-
++
+ /* This works like strrok(): if passed with a non-null string,
+ prepare vector of search strings and offsets. If string
+ is null, look at current list of offsets and return next
+ one, or NULL if no more alternatives for this word. */
+
+ if (searchstr != NULL) {
+-
+- offset = 0;
++ /* Bail out if the input is too long for us to handle */
++ if (strlen(searchstr) > (WORDBUF - 1)) {
++ strcpy(msgbuf, "WordNet library error: search term is too long\n");
++ display_message(msgbuf);
++ return(NULL);
++ }
++
++ offset = 0;
+ strtolower(searchstr);
+ for (i = 0; i < MAX_FORMS; i++) {
+ strcpy(strings[i], searchstr);
+@@ -229,11 +235,11 @@ IndexPtr getindex(char *searchstr, int dbase)
+ /* Get offset of first entry. Then eliminate duplicates
+ and get offsets of unique strings. */
+
+- if (strings[0][0] != NULL)
++ if (strings[0] != NULL)
+ offsets[0] = index_lookup(strings[0], dbase);
+
+ for (i = 1; i < MAX_FORMS; i++)
+- if ((strings[i][0]) != NULL && (strcmp(strings[0], strings[i])))
++ if (strings[i] != NULL && (strcmp(strings[0], strings[i])))
+ offsets[i] = index_lookup(strings[i], dbase);
+ }
+
+@@ -272,7 +278,7 @@ SynsetPtr read_synset(int dbase, long boffset, char *word)
+ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+ {
+ static char line[LINEBUF];
+- char tbuf[SMLINEBUF];
++ char tbuf[SMLINEBUF] = "";
+ char *ptrtok;
+ char *tmpptr;
+ int foundpert = 0;
+@@ -286,33 +292,11 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+ if ((tmpptr = fgets(line, LINEBUF, fp)) == NULL)
+ return(NULL);
+
+- synptr = (SynsetPtr)malloc(sizeof(Synset));
++ synptr = (SynsetPtr)calloc(1, sizeof(Synset));
+ assert(synptr);
+-
+- synptr->hereiam = 0;
++
+ synptr->sstype = DONT_KNOW;
+- synptr->fnum = 0;
+- synptr->pos = '\0';
+- synptr->wcount = 0;
+- synptr->words = '\0';
+- synptr->whichword = 0;
+- synptr->ptrcount = 0;
+- synptr->ptrtyp = '\0';
+- synptr->ptroff = '\0';
+- synptr->ppos = '\0';
+- synptr->pto = '\0';
+- synptr->pfrm = '\0';
+- synptr->fcount = 0;
+- synptr->frmid = '\0';
+- synptr->frmto = '\0';
+- synptr->defn = '\0';
+- synptr->key = 0;
+- synptr->nextss = NULL;
+- synptr->nextform = NULL;
+ synptr->searchtype = -1;
+- synptr->ptrlist = NULL;
+- synptr->headword = NULL;
+- synptr->headsense = 0;
+
+ ptrtok = line;
+
+@@ -322,7 +306,7 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+
+ /* sanity check - make sure starting file offset matches first field */
+ if (synptr->hereiam != loc) {
+- sprintf(msgbuf, "WordNet library error: no synset at location %d\n",
++ sprintf(msgbuf, "WordNet library error: no synset at location %ld\n",
+ loc);
+ display_message(msgbuf);
+ free(synptr);
+@@ -335,16 +319,20 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+
+ /* looking at POS */
+ ptrtok = strtok(NULL, " \n");
+- synptr->pos = malloc(strlen(ptrtok) + 1);
++ synptr->pos = strdup(ptrtok);
+ assert(synptr->pos);
+- strcpy(synptr->pos, ptrtok);
+ if (getsstype(synptr->pos) == SATELLITE)
+ synptr->sstype = INDIRECT_ANT;
+
+ /* looking at numwords */
+ ptrtok = strtok(NULL, " \n");
+ synptr->wcount = strtol(ptrtok, NULL, 16);
+-
++
++ if (synptr->wcount < 0 || (unsigned int)synptr->wcount > UINT_MAX/sizeof(char *)) {
++ free_syns(synptr);
++ return(NULL);
++ }
++
+ synptr->words = (char **)malloc(synptr->wcount * sizeof(char *));
+ assert(synptr->words);
+ synptr->wnsns = (int *)malloc(synptr->wcount * sizeof(int));
+@@ -354,9 +342,8 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+
+ for (i = 0; i < synptr->wcount; i++) {
+ ptrtok = strtok(NULL, " \n");
+- synptr->words[i] = malloc(strlen(ptrtok) + 1);
++ synptr->words[i] = strdup(ptrtok);
+ assert(synptr->words[i]);
+- strcpy(synptr->words[i], ptrtok);
+
+ /* is this the word we're looking for? */
+
+@@ -371,6 +358,12 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+ ptrtok = strtok(NULL," \n");
+ synptr->ptrcount = atoi(ptrtok);
+
++ /* Should we check for long here as well? */
++ if (synptr->ptrcount < 0 || (unsigned int)synptr->ptrcount > UINT_MAX/sizeof(int)) {
++ free_syns(synptr);
++ return(NULL);
++ }
++
+ if (synptr->ptrcount) {
+
+ /* alloc storage for the pointers */
+@@ -455,21 +448,23 @@ SynsetPtr parse_synset(FILE *fp, int dbase, char *word)
+ ptrtok = strtok(NULL," \n");
+ if (ptrtok) {
+ ptrtok = strtok(NULL," \n");
+- sprintf(tbuf, "");
+ while (ptrtok != NULL) {
++ if (strlen(ptrtok) + strlen(tbuf) + 1 + 1 > sizeof(tbuf)) {
++ free_syns(synptr);
++ return(NULL);
++ }
+ strcat(tbuf,ptrtok);
+ ptrtok = strtok(NULL, " \n");
+ if(ptrtok)
+ strcat(tbuf," ");
+ }
+- assert((1 + strlen(tbuf)) < sizeof(tbuf));
+- synptr->defn = malloc(strlen(tbuf) + 4);
++ synptr->defn = malloc(strlen(tbuf) + 3);
+ assert(synptr->defn);
+ sprintf(synptr->defn,"(%s)",tbuf);
+ }
+
+ if (keyindexfp) { /* we have unique keys */
+- sprintf(tmpbuf, "%c:%8.8d", partchars[dbase], synptr->hereiam);
++ sprintf(tmpbuf, "%c:%8.8ld", partchars[dbase], synptr->hereiam);
+ synptr->key = GetKeyForOffset(tmpbuf);
+ }
+
+@@ -635,7 +630,7 @@ static void traceptrs(SynsetPtr synptr, int ptrtyp, int dbase, int depth)
+
+ if ((ptrtyp == PERTPTR || ptrtyp == PPLPTR) &&
+ synptr->pto[i] != 0) {
+- sprintf(tbuf, " (Sense %d)\n",
++ snprintf(tbuf, sizeof(tbuf), " (Sense %d)\n",
+ cursyn->wnsns[synptr->pto[i] - 1]);
+ printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
+ SKIP_ANTS, PRINT_MARKER);
+@@ -656,7 +651,7 @@ static void traceptrs(SynsetPtr synptr, int ptrtyp, int dbase, int depth)
+ traceptrs(cursyn, HYPERPTR, getpos(cursyn->pos), 0);
+ }
+ } else if (ptrtyp == ANTPTR && dbase != ADJ && synptr->pto[i] != 0) {
+- sprintf(tbuf, " (Sense %d)\n",
++ snprintf(tbuf, sizeof(tbuf), " (Sense %d)\n",
+ cursyn->wnsns[synptr->pto[i] - 1]);
+ printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
+ SKIP_ANTS, PRINT_MARKER);
+@@ -817,7 +812,7 @@ static void tracenomins(SynsetPtr synptr, int dbase)
+
+ cursyn = read_synset(synptr->ppos[i], synptr->ptroff[i], "");
+
+- sprintf(tbuf, "#%d\n",
++ snprintf(tbuf, sizeof(tbuf), "#%d\n",
+ cursyn->wnsns[synptr->pto[i] - 1]);
+ printsynset(prefix, cursyn, tbuf, DEFOFF, synptr->pto[i],
+ SKIP_ANTS, SKIP_MARKER);
+@@ -989,12 +984,12 @@ void getexample(char *offset, char *wd)
+ char sentbuf[512];
+
+ if (vsentfilefp != NULL) {
+- if (line = bin_search(offset, vsentfilefp)) {
++ if ((line = bin_search(offset, vsentfilefp)) != NULL) {
+ while(*line != ' ')
+ line++;
+
+ printbuffer(" EX: ");
+- sprintf(sentbuf, line, wd);
++ snprintf(sentbuf, sizeof(sentbuf), line, wd);
+ printbuffer(sentbuf);
+ }
+ }
+@@ -1011,7 +1006,7 @@ int findexample(SynsetPtr synptr)
+ if (vidxfilefp != NULL) {
+ wdnum = synptr->whichword - 1;
+
+- sprintf(tbuf,"%s%%%-1.1d:%-2.2d:%-2.2d::",
++ snprintf(tbuf, sizeof(tbuf), "%s%%%-1.1d:%-2.2d:%-2.2d::",
+ synptr->words[wdnum],
+ getpos(synptr->pos),
+ synptr->fnum,
+@@ -1124,7 +1119,7 @@ static void freq_word(IndexPtr index)
+ if (cnt >= 17 && cnt <= 32) familiar = 6;
+ if (cnt > 32 ) familiar = 7;
+
+- sprintf(tmpbuf,
++ snprintf(tmpbuf, sizeof(tmpbuf),
+ "\n%s used as %s is %s (polysemy count = %d)\n",
+ index->wd, a_an[getpos(index->pos)], freqcats[familiar], cnt);
+ printbuffer(tmpbuf);
+@@ -1147,6 +1142,9 @@ void wngrep (char *word_passed, int pos) {
+ }
+ rewind(inputfile);
+
++ if (strlen(word_passed) + 1 > sizeof(word))
++ return;
++
+ strcpy (word, word_passed);
+ ToLowerCase(word); /* map to lower case for index file search */
+ strsubst (word, ' ', '_'); /* replace spaces with underscores */
+@@ -1169,7 +1167,7 @@ void wngrep (char *word_passed, int pos) {
+ ((line[loc + wordlen] == '-') || (line[loc + wordlen] == '_')))
+ ) {
+ strsubst (line, '_', ' ');
+- sprintf (tmpbuf, "%s\n", line);
++ snprintf (tmpbuf, sizeof(tmpbuf), "%s\n", line);
+ printbuffer (tmpbuf);
+ break;
+ }
+@@ -1570,7 +1568,8 @@ char *findtheinfo(char *searchstr, int dbase, int ptrtyp, int whichsense)
+ bufstart[0] = '\n';
+ bufstart++;
+ }
+- strncpy(bufstart, tmpbuf, strlen(tmpbuf));
++ /* Don't include the \0 */
++ memcpy(bufstart, tmpbuf, strlen(tmpbuf));
+ bufstart = searchbuffer + strlen(searchbuffer);
+ }
+ }
+@@ -1683,9 +1682,8 @@ SynsetPtr traceptrs_ds(SynsetPtr synptr, int ptrtyp, int dbase, int depth)
+ cursyn = read_synset(synptr->ppos[i],
+ synptr->ptroff[i],
+ "");
+- synptr->headword = malloc(strlen(cursyn->words[0]) + 1);
++ synptr->headword = strdup(cursyn->words[0]);
+ assert(synptr->headword);
+- strcpy(synptr->headword, cursyn->words[0]);
+ synptr->headsense = cursyn->lexid[0];
+ free_synset(cursyn);
+ break;
+@@ -2013,7 +2011,7 @@ static int getsearchsense(SynsetPtr synptr, int whichword)
+ strsubst(strcpy(wdbuf, synptr->words[whichword - 1]), ' ', '_');
+ strtolower(wdbuf);
+
+- if (idx = index_lookup(wdbuf, getpos(synptr->pos))) {
++ if ((idx = index_lookup(wdbuf, getpos(synptr->pos))) != NULL) {
+ for (i = 0; i < idx->off_cnt; i++)
+ if (idx->offset[i] == synptr->hereiam) {
+ free_index(idx);
+@@ -2037,7 +2035,7 @@ static void printsynset(char *head, SynsetPtr synptr, char *tail, int definition
+ by flags */
+
+ if (offsetflag) /* print synset offset */
+- sprintf(tbuf + strlen(tbuf),"{%8.8d} ", synptr->hereiam);
++ sprintf(tbuf + strlen(tbuf),"{%8.8ld} ", synptr->hereiam);
+ if (fileinfoflag) { /* print lexicographer file information */
+ sprintf(tbuf + strlen(tbuf), "<%s> ", lexfiles[synptr->fnum]);
+ prlexid = 1; /* print lexicographer id after word */
+@@ -2072,7 +2070,7 @@ static void printantsynset(SynsetPtr synptr, char *tail, int anttype, int defini
+ tbuf[0] = '\0';
+
+ if (offsetflag)
+- sprintf(tbuf,"{%8.8d} ", synptr->hereiam);
++ sprintf(tbuf,"{%8.8ld} ", synptr->hereiam);
+ if (fileinfoflag) {
+ sprintf(tbuf + strlen(tbuf),"<%s> ", lexfiles[synptr->fnum]);
+ prlexid = 1;
+diff --git a/lib/wnutil.c b/lib/wnutil.c
+index 5ee5d76..7b7948a 100644
+--- a/lib/wnutil.c
++++ b/lib/wnutil.c
+@@ -48,7 +48,7 @@ int wninit(void)
+ char *env;
+
+ if (!done) {
+- if (env = getenv("WNDBVERSION")) {
++ if ((env = getenv("WNDBVERSION")) != NULL) {
+ wnrelease = strdup(env); /* set release */
+ assert(wnrelease);
+ }
+@@ -70,7 +70,7 @@ int re_wninit(void)
+
+ closefps();
+
+- if (env = getenv("WNDBVERSION")) {
++ if ((env = getenv("WNDBVERSION")) != NULL) {
+ wnrelease = strdup(env); /* set release */
+ assert(wnrelease);
+ }
+@@ -149,25 +149,25 @@ static int do_init(void)
+ sprintf(searchdir, DEFAULTPATH);
+ #else
+ if ((env = getenv("WNSEARCHDIR")) != NULL)
+- strcpy(searchdir, env);
++ snprintf(searchdir, sizeof(searchdir), "%s", env);
+ else if ((env = getenv("WNHOME")) != NULL)
+- sprintf(searchdir, "%s%s", env, DICTDIR);
++ snprintf(searchdir, sizeof(searchdir), "%s%s", env, DICTDIR);
+ else
+ strcpy(searchdir, DEFAULTPATH);
+ #endif
+
+ for (i = 1; i < NUMPARTS + 1; i++) {
+- sprintf(tmpbuf, DATAFILE, searchdir, partnames[i]);
++ snprintf(tmpbuf, sizeof(tmpbuf), DATAFILE, searchdir, partnames[i]);
+ if((datafps[i] = fopen(tmpbuf, "r")) == NULL) {
+- sprintf(msgbuf,
++ snprintf(msgbuf, sizeof(msgbuf),
+ "WordNet library error: Can't open datafile(%s)\n",
+ tmpbuf);
+ display_message(msgbuf);
+ openerr = -1;
+ }
+- sprintf(tmpbuf, INDEXFILE, searchdir, partnames[i]);
++ snprintf(tmpbuf, sizeof(tmpbuf), INDEXFILE, searchdir, partnames[i]);
+ if((indexfps[i] = fopen(tmpbuf, "r")) == NULL) {
+- sprintf(msgbuf,
++ snprintf(msgbuf, sizeof(msgbuf),
+ "WordNet library error: Can't open indexfile(%s)\n",
+ tmpbuf);
+ display_message(msgbuf);
+@@ -178,35 +178,35 @@ static int do_init(void)
+ /* This file isn't used by the library and doesn't have to
+ be present. No error is reported if the open fails. */
+
+- sprintf(tmpbuf, SENSEIDXFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), SENSEIDXFILE, searchdir);
+ sensefp = fopen(tmpbuf, "r");
+
+ /* If this file isn't present, the runtime code will skip printint out
+ the number of times each sense was tagged. */
+
+- sprintf(tmpbuf, CNTLISTFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), CNTLISTFILE, searchdir);
+ cntlistfp = fopen(tmpbuf, "r");
+
+ /* This file doesn't have to be present. No error is reported if the
+ open fails. */
+
+- sprintf(tmpbuf, KEYIDXFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), KEYIDXFILE, searchdir);
+ keyindexfp = fopen(tmpbuf, "r");
+
+- sprintf(tmpbuf, REVKEYIDXFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), REVKEYIDXFILE, searchdir);
+ revkeyindexfp = fopen(tmpbuf, "r");
+
+- sprintf(tmpbuf, VRBSENTFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), VRBSENTFILE, searchdir);
+ if ((vsentfilefp = fopen(tmpbuf, "r")) == NULL) {
+- sprintf(msgbuf,
++ snprintf(msgbuf, sizeof(msgbuf),
+ "WordNet library warning: Can't open verb example sentence file(%s)\n",
+ tmpbuf);
+ display_message(msgbuf);
+ }
+
+- sprintf(tmpbuf, VRBIDXFILE, searchdir);
++ snprintf(tmpbuf, sizeof(tmpbuf), VRBIDXFILE, searchdir);
+ if ((vidxfilefp = fopen(tmpbuf, "r")) == NULL) {
+- sprintf(msgbuf,
++ snprintf(msgbuf, sizeof(msgbuf),
+ "WordNet library warning: Can't open verb example sentence index file(%s)\n",
+ tmpbuf);
+ display_message(msgbuf);
+diff --git a/src/wn.c b/src/wn.c
+index ddb27aa..5c6a255 100644
+--- a/src/wn.c
++++ b/src/wn.c
+@@ -129,7 +129,7 @@ static void printusage(), printlicense(),
+ printsearches(char *, int, unsigned long);
+ static int error_message(char *);
+
+-main(int argc,char *argv[])
++int main(int argc,char *argv[])
+ {
+ display_message = error_message;
+
+@@ -225,14 +225,14 @@ static int do_search(char *searchword, int pos, int search, int whichsense,
+ printf("\n%s of %s %s\n%s",
+ label, partnames[pos], searchword, outbuf);
+
+- if (morphword = morphstr(searchword, pos))
++ if ((morphword = morphstr(searchword, pos)) != NULL)
+ do {
+ outbuf = findtheinfo(morphword, pos, search, whichsense);
+ totsenses += wnresults.printcnt;
+ if (strlen(outbuf) > 0)
+ printf("\n%s of %s %s\n%s",
+ label, partnames[pos], morphword, outbuf);
+- } while (morphword = morphstr(NULL, pos));
++ } while ((morphword = morphstr(NULL, pos)) != NULL);
+
+ return(totsenses);
+ }
diff --git a/app-dicts/wordnet/wordnet-2.0.ebuild b/app-dicts/wordnet/wordnet-2.0.ebuild
deleted file mode 100644
index f344b22859cb..000000000000
--- a/app-dicts/wordnet/wordnet-2.0.ebuild
+++ /dev/null
@@ -1,35 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-dicts/wordnet/wordnet-2.0.ebuild,v 1.8 2007/08/05 08:37:11 grobian Exp $
-
-inherit flag-o-matic
-
-DESCRIPTION="WordNet : a lexical database for the English language"
-HOMEPAGE="http://www.cogsci.princeton.edu/~wn/"
-SRC_URI="ftp://ftp.cogsci.princeton.edu/pub/wordnet/${PV}/WordNet-${PV}.tar.gz"
-DEPEND="dev-lang/tcl
- dev-lang/tk"
-LICENSE="Princeton"
-IUSE=""
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~x86"
-S=${WORKDIR}/WordNet-${PV}
-
-src_unpack() {
- unpack $A
- epatch ${FILESDIR}/Makefiles.diff
-}
-
-src_compile() {
- append-flags -DUNIX -I${T}/usr/include
- MAKEOPTS="-e"
- PLATFORM=linux WN_ROOT=${T}/usr \
- WN_DICTDIR=${T}/usr/share/wordnet/dict \
- WN_MANDIR=${T}/usr/share/man \
- WN_DOCDIR=${T}/usr/share/doc/wordnet-${PV} \
- emake SrcWorld || die
-}
-
-src_install() {
- cp -r ${T}/usr ${D}
-}
diff --git a/app-dicts/wordnet/wordnet-2.1.ebuild b/app-dicts/wordnet/wordnet-2.1.ebuild
deleted file mode 100644
index a549e6b7e006..000000000000
--- a/app-dicts/wordnet/wordnet-2.1.ebuild
+++ /dev/null
@@ -1,40 +0,0 @@
-# Copyright 1999-2007 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/app-dicts/wordnet/wordnet-2.1.ebuild,v 1.6 2007/08/05 08:37:11 grobian Exp $
-
-inherit flag-o-matic
-
-DESCRIPTION="A lexical database for the English language"
-HOMEPAGE="http://wordnet.princeton.edu/"
-SRC_URI="ftp://ftp.cogsci.princeton.edu/pub/wordnet/${PV}/WordNet-${PV}.tar.gz"
-# In contrast to what the configure script seems to imply, Tcl/Tk is NOT optional.
-# cf. bug 163478 for details
-DEPEND="dev-lang/tcl
- dev-lang/tk"
-LICENSE="Princeton"
-IUSE=""
-SLOT="0"
-KEYWORDS="~amd64 ~ppc ~x86"
-S=${WORKDIR}/WordNet-${PV}
-
-src_unpack() {
- unpack $A
- epatch "${FILESDIR}/Wordnet-2.1-dict-location.patch"
- cd WordNet-2.1
- epatch "${FILESDIR}/Wordnet-2.1-compile-fix-new.patch"
-}
-
-src_compile() {
- append-flags -DUNIX -I${T}/usr/include
- MAKEOPTS="-e"
- PLATFORM=linux WN_ROOT="${T}/usr" \
- WN_DICTDIR="${T}/usr/share/wordnet/dict" \
- WN_MANDIR="${T}/usr/share/man" \
- WN_DOCDIR="${T}/usr/share/doc/wordnet-${PV}" \
- econf || die "Configuration Failed"
- emake || die "Make Failed"
-}
-
-src_install() {
- emake install DESTDIR="${D}" || die "Install Failed"
-}
diff --git a/app-dicts/wordnet/wordnet-3.0-r1.ebuild b/app-dicts/wordnet/wordnet-3.0-r1.ebuild
new file mode 100644
index 000000000000..16984acd2ce8
--- /dev/null
+++ b/app-dicts/wordnet/wordnet-3.0-r1.ebuild
@@ -0,0 +1,61 @@
+# Copyright 1999-2008 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-dicts/wordnet/wordnet-3.0-r1.ebuild,v 1.1 2008/09/10 06:57:39 pva Exp $
+
+inherit flag-o-matic autotools
+
+DESCRIPTION="A lexical database for the English language"
+HOMEPAGE="http://wordnet.princeton.edu/"
+SRC_URI="ftp://ftp.cogsci.princeton.edu/pub/wordnet/${PV}/WordNet-${PV}.tar.gz"
+LICENSE="Princeton"
+
+SLOT="0"
+KEYWORDS="~amd64 ~ppc ~x86"
+IUSE="doc"
+
+# In contrast to what the configure script seems to imply, Tcl/Tk is NOT optional.
+# cf. bug 163478 for details. (Yes, it's about 2.1 but it's still the same here.)
+DEPEND="dev-lang/tcl
+ dev-lang/tk"
+RDEPEND="${DEPEND}"
+
+S=${WORKDIR}/WordNet-${PV}
+
+src_unpack() {
+ unpack ${A}
+ # Don't install into PREFIX/dict but PREFIX/share/wordnet/dict
+ epatch "${FILESDIR}/${P}-dict-location.patch"
+ # Fixes bug 130024, make an additional shared lib
+ epatch "${FILESDIR}/${P}-shared-lib.patch"
+ # Don't install the docs directly into PREFIX/doc but PREFIX/doc/PN
+ epatch "${FILESDIR}/${P}-docs-path.patch"
+
+ cd "${S}"
+ epatch "${FILESDIR}"/${P}-CVE-2008-3908.patch #211491
+
+ # Don't install all the extra docs (html, pdf, ps) without doc USE flag.
+ use doc || sed -i -e "s:SUBDIRS =.*:SUBDIRS = man:" doc/Makefile.am
+
+ rm -f configure
+ eautoreconf
+}
+
+src_compile() {
+ append-flags -DUNIX -I${T}/usr/include
+
+ MAKEOPTS="-e"
+ PLATFORM=linux WN_ROOT="${T}/usr" \
+ WN_DICTDIR="${T}/usr/share/wordnet/dict" \
+ WN_MANDIR="${T}/usr/share/man" \
+ WN_DOCDIR="${T}/usr/share/doc/wordnet-${PV}" \
+ WNHOME="/usr/share/wordnet" \
+ econf || die "econf failed"
+ emake || die "emake Failed"
+}
+
+src_install() {
+ emake install DESTDIR="${D}" || die "install failed"
+
+ # We don't install COPYING because it's identical to LICENSE
+ dodoc AUTHORS ChangeLog INSTALL LICENSE README || die "dodoc failed"
+}