diff options
-rw-r--r-- | dev-util/rats/ChangeLog | 8 | ||||
-rw-r--r-- | dev-util/rats/files/digest-rats-2.1-r2 | 3 | ||||
-rw-r--r-- | dev-util/rats/files/rats-2.1-fix-null-pointers.patch | 128 | ||||
-rw-r--r-- | dev-util/rats/rats-2.1-r2.ebuild | 37 |
4 files changed, 175 insertions, 1 deletions
diff --git a/dev-util/rats/ChangeLog b/dev-util/rats/ChangeLog index c6507e7d071e..5a421266edd9 100644 --- a/dev-util/rats/ChangeLog +++ b/dev-util/rats/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for dev-util/rats # Copyright 2000-2006 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/dev-util/rats/ChangeLog,v 1.12 2006/05/22 05:32:38 robbat2 Exp $ +# $Header: /var/cvsroot/gentoo-x86/dev-util/rats/ChangeLog,v 1.13 2006/05/22 06:37:06 robbat2 Exp $ + +*rats-2.1-r2 (22 May 2006) + + 22 May 2006; Robin H. Johnson <robbat2@gentoo.org> + +files/rats-2.1-fix-null-pointers.patch, +rats-2.1-r2.ebuild: + Add yet another fix against a segfault that ChrisWhite found. 22 May 2006; Robin H. Johnson <robbat2@gentoo.org> rats-2.1-r1.ebuild: Forgot to inherit eutils. diff --git a/dev-util/rats/files/digest-rats-2.1-r2 b/dev-util/rats/files/digest-rats-2.1-r2 new file mode 100644 index 000000000000..cf460df77785 --- /dev/null +++ b/dev-util/rats/files/digest-rats-2.1-r2 @@ -0,0 +1,3 @@ +MD5 adf31806f1eff0c353abcfd57653ecb3 rats-2.1.tar.gz 326930 +RMD160 6385ff617bf629b03eff64f5563963c905341f22 rats-2.1.tar.gz 326930 +SHA256 ec9fac2765b655c03cede8c5920de3226581f1e626be314bce95f4d0ac9aadd9 rats-2.1.tar.gz 326930 diff --git a/dev-util/rats/files/rats-2.1-fix-null-pointers.patch b/dev-util/rats/files/rats-2.1-fix-null-pointers.patch new file mode 100644 index 000000000000..0d4c701f0bfc --- /dev/null +++ b/dev-util/rats/files/rats-2.1-fix-null-pointers.patch @@ -0,0 +1,128 @@ +diff -Nuar rats-2.1.orig/report.c rats-2.1/report.c +--- rats-2.1.orig/report.c 2002-09-16 21:05:43.000000000 -0700 ++++ rats-2.1/report.c 2006-05-21 23:16:16.323046789 -0700 +@@ -122,9 +122,15 @@ + return result; + } + +- +- +- ++/* Exclusively for debugging vulnerabilities. ++ * - robbat2@gentoo.org 21/05/2006 */ ++static void debug_vuln_dump(vulnerability_t *ptr) { ++ fprintf(stderr,"vuln_dump: this=%x f=%s l=%d c=%d d=%x t=%d s=%d u=%x p=(%x,%x)\n", ++ ptr, ++ ptr->filename,ptr->lineno,ptr->column, ++ ptr->data,ptr->type,ptr->severity, ++ ptr->uses,ptr->next,ptr->prev); ++} + + static void + replace_cfname(char *filename) +@@ -317,6 +323,27 @@ + insert_vulnerability(log); + } + ++/* These are special static vulnerabilities because we don't ++ * want NULL data elements in the vulnerability_t->data ++ * field, because the HTML and XML output formats use that ++ * pointer without checking it for being null first. ++ * - robbat2@gentoo.org 21/05/2006 */ ++static struct Vuln_t vuln_PerlBacktick = { ++ .Name = "Perl Backtick" ++}; ++static struct Vuln_t vuln_PhpBacktick = { ++ .Name = "PHP Backtick" ++}; ++static struct Vuln_t vuln_PythonBacktick = { ++ .Name = "Python Backtick" ++}; ++static struct Vuln_t vuln_StaticLocalBuffer = { ++ .Name = "Static Local Buffer" ++}; ++static struct Vuln_t vuln_StaticGlobalBuffer = { ++ .Name = "Static Global Buffer" ++}; ++ + void log_perlbacktick(int lineno, int column, Severity_t severity) + { + vulnerability_t * log; +@@ -325,7 +352,7 @@ + log->filename = current_file; + log->column = column; + log->lineno = lineno; +- log->data = (Vuln_t *)NULL; ++ log->data = &vuln_PerlBacktick; + log->type = PerlBacktick; + log->severity = severity; + log->uses = (toctou_use_t *)NULL; +@@ -342,7 +369,7 @@ + log->filename = current_file; + log->column = column; + log->lineno = lineno; +- log->data = (Vuln_t *)NULL; ++ log->data = &vuln_PhpBacktick; + log->type = PhpBacktick; + log->severity = severity; + log->uses = (toctou_use_t *)NULL; +@@ -358,7 +385,7 @@ + log->filename = current_file; + log->column = column; + log->lineno = lineno; +- log->data = (Vuln_t *)NULL; ++ log->data = &vuln_PythonBacktick; + log->type = PythonBacktick; + log->severity = severity; + log->uses = (toctou_use_t *)NULL; +@@ -374,7 +401,16 @@ + log->filename = current_file; + log->column = column; + log->lineno = lineno; +- log->data = (Vuln_t *)NULL; ++ switch(type) { ++ case StaticLocalBuffer: ++ log->data = &vuln_StaticLocalBuffer; ++ break; ++ case StaticGlobalBuffer: ++ log->data = &vuln_StaticGlobalBuffer; ++ break; ++ default: ++ log->data = (Vuln_t *)NULL; ++ } + log->type = type; + log->severity = severity; + log->uses = (toctou_use_t *)NULL; +@@ -432,6 +468,10 @@ + static void build_xml_vulnerability(vulnerability_t *ptr) { + int i; + ++ /* Debugging - robbat2@gentoo.org 21/05/2006 */ ++ if(ptr->data == NULL) ++ debug_vuln_dump(ptr); ++ + printf("<vulnerability>\n"); + + /* Output the severity */ +@@ -593,6 +633,8 @@ + void report_vulnerability(vulnerability_t *ptr) + { + int i; ++ if(ptr->data == NULL) ++ debug_vuln_dump(ptr); + + switch (ptr->type) + { +@@ -890,8 +932,10 @@ + + static void build_html_vulnerability(vulnerability_t *ptr) { + int i; +- +- ++ ++ /* Debugging - robbat2@gentoo.org 21/05/2006 */ ++ if(ptr->data == NULL) ++ debug_vuln_dump(ptr); + + /* Output the severity */ + printf(" <b>Severity: %s</b><br/>\n", diff --git a/dev-util/rats/rats-2.1-r2.ebuild b/dev-util/rats/rats-2.1-r2.ebuild new file mode 100644 index 000000000000..12f81ce7af88 --- /dev/null +++ b/dev-util/rats/rats-2.1-r2.ebuild @@ -0,0 +1,37 @@ +# Copyright 1999-2006 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/dev-util/rats/rats-2.1-r2.ebuild,v 1.1 2006/05/22 06:37:06 robbat2 Exp $ + +inherit eutils + +DESCRIPTION="RATS - Rough Auditing Tool for Security" +HOMEPAGE="http://www.securesoftware.com/download_rats.htm" +SRC_URI="http://www.securesoftware.com/${PN}/${P}.tar.gz" +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="~amd64 ~ppc ~x86" +IUSE="" +DEPEND="dev-libs/expat + virtual/libc" + +src_unpack() { + unpack ${A} + epatch ${FILESDIR}/${P}-add-getopt-trailing-null.patch + epatch ${FILESDIR}/${P}-fix-null-pointers.patch +} + +src_compile() { + econf --datadir="/usr/share/${PN}/" || die + emake || die +} + +src_install () { + einstall SHAREDIR="${D}/usr/share/${PN}" MANDIR="${D}/usr/share/man" || die + dodoc README README.win32 +} + +pkg_postinst() { + ewarn "Please be careful when using this program with it's force language" + ewarn "option, '--language <LANG>' it may take huge amounts of memory when" + ewarn "it tries to treat binary files as some other type." +} |