-rw-r--r-- | app-text/enscript/ChangeLog | 9 | ||||
-rw-r--r-- | app-text/enscript/Manifest | 7 | ||||
-rw-r--r-- | app-text/enscript/enscript-1.6.3-r2.ebuild | 39 | ||||
-rw-r--r-- | app-text/enscript/files/digest-enscript-1.6.3-r2 | 1 | ||||
-rw-r--r-- | app-text/enscript/files/enscript-1.6.3-security.patch | 189 |
5 files changed, 242 insertions, 3 deletions
diff --git a/app-text/enscript/ChangeLog b/app-text/enscript/ChangeLog index 7a8907d77fc1..db0b5b0f0e64 100644 --- a/app-text/enscript/ChangeLog +++ b/app-text/enscript/ChangeLog @@ -1,6 +1,13 @@ # ChangeLog for app-text/enscript # Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.21 2005/01/02 22:00:50 ciaranm Exp $ +# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/ChangeLog,v 1.22 2005/01/21 14:31:27 solar Exp $ + +*enscript-1.6.3-r2 (21 Jan 2005) + + 21 Jan 2005; <solar@gentoo.org> +files/enscript-1.6.3-security.patch, + +enscript-1.6.3-r2.ebuild: + - security bump for bug #77408 fixes CAN-2004-1184, CAN-2004-1185, + CAN-2004-1186 02 Jan 2005; Ciaran McCreesh <ciaranm@gentoo.org> : Change encoding to UTF-8 for GLEP 31 compliance diff --git a/app-text/enscript/Manifest b/app-text/enscript/Manifest index d594ccd62c3d..2b511364d0ac 100644 --- a/app-text/enscript/Manifest +++ b/app-text/enscript/Manifest @@ -1,5 +1,8 @@ -MD5 7c7a50d3b77ef67bdb026af3ba573c7f ChangeLog 2283 +MD5 36dec16c09d6f5a1740db37deca1bd0b enscript-1.6.3-r2.ebuild 925 MD5 b2e93a545ae790fb6fb3f5109e60923a enscript-1.6.3.ebuild 696 MD5 0db790ea45572b922465082d97fe6488 enscript-1.6.3-r1.ebuild 813 -MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3 66 +MD5 7c7a50d3b77ef67bdb026af3ba573c7f ChangeLog 2283 MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3-r1 66 +MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3-r2 66 +MD5 528d3e39a7e18ff200cccfd037ee0422 files/digest-enscript-1.6.3 66 +MD5 90c2dfb225dc7d363155d6315aa2ca0d files/enscript-1.6.3-security.patch 6043 diff --git a/app-text/enscript/enscript-1.6.3-r2.ebuild b/app-text/enscript/enscript-1.6.3-r2.ebuild new file mode 100644 index 000000000000..a9a4e589e4e0 --- /dev/null +++ b/app-text/enscript/enscript-1.6.3-r2.ebuild 
@@ -0,0 +1,39 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/app-text/enscript/enscript-1.6.3-r2.ebuild,v 1.1 2005/01/21 14:31:27 solar Exp $
+
+inherit eutils
+
+DESCRIPTION="powerful text-to-postscript converter"
+SRC_URI="http://www.iki.fi/mtr/genscript/${P}.tar.gz"
+HOMEPAGE="http://www.gnu.org/software/enscript/enscript.html"
+
+KEYWORDS="~x86 ~ppc ~sparc ~amd64 ~alpha ~mips ~ppc64"
+SLOT="0"
+LICENSE="GPL-2"
+IUSE="nls"
+
+DEPEND="sys-devel/flex
+ sys-devel/bison
+ nls? ( sys-devel/gettext )"
+RDEPEND="nls? ( sys-devel/gettext )"
+
+src_unpack() {
+ unpack ${A}
+ cd ${S}
+ epatch ${FILESDIR}/enscript-1.6.3-security.patch
+}
+
+src_compile() {
+ econf `use_enable nls` || die
+ emake || die
+}
+
+src_install() {
+ einstall || die
+ dodoc AUTHORS ChangeLog FAQ.html NEWS README* THANKS TODO
+}
+
+pkg_postinst() {
+ einfo "Now, customize /etc/enscript.cfg."
+}
diff --git a/app-text/enscript/files/digest-enscript-1.6.3-r2 b/app-text/enscript/files/digest-enscript-1.6.3-r2
new file mode 100644
index 000000000000..57b3e69cc3f8
--- /dev/null
+++ b/app-text/enscript/files/digest-enscript-1.6.3-r2
@@ -0,0 +1 @@
+MD5 ec717f8b0de7db00a21a21f70d354610 enscript-1.6.3.tar.gz 814308
diff --git a/app-text/enscript/files/enscript-1.6.3-security.patch b/app-text/enscript/files/enscript-1.6.3-security.patch
new file mode 100644
index 000000000000..52f66188dbba
--- /dev/null
+++ b/app-text/enscript/files/enscript-1.6.3-security.patch
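Review bot: In `src_unpack()` of enscript-1.6.3-r2.ebuild the `cd ${S}` is unquoted and unchecked, so a failed directory change is only noticed indirectly when the security patch fails to apply; `cd "${S}" || die` makes that failure explicit, and `epatch "${FILESDIR}"/enscript-1.6.3-security.patch` keeps the path intact if it contains whitespace. Since this revision exists only to carry the security patch, a one-line comment above the epatch call, `# bug #77408: CAN-2004-1184, CAN-2004-1185, CAN-2004-1186`, would keep that context in the ebuild itself rather than only in the ChangeLog.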
@@ -0,0 +1,189 @@
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/gsint.h enscript-1.6.3.CAN-2004-1184/src/gsint.h
+--- orig/enscript-1.6.3/src/gsint.h 2000-07-11 17:28:06.000000000 +0200
++++ enscript-1.6.3.CAN-2004-1184/src/gsint.h 2005-01-04 20:45:24.000000000 +0100
+@@ -701,4 +701,9 @@ FILE *printer_open ___P ((char *cmd, cha
+ */
+ void printer_close ___P ((void *context));
+ 
++/*
++ * Escape filenames for shell usage
++ */
++char *shell_escape ___P ((const char *fn));
++
+ #endif /* not GSINT_H */
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/main.c enscript-1.6.3.CAN-2004-1184/src/main.c
+--- orig/enscript-1.6.3/src/main.c 2005-01-04 20:52:31.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1184/src/main.c 2005-01-05 10:57:44.000000000 +0100
+@@ -1555,9 +1555,13 @@ name width\theight\tllx\tlly
+ buffer_append (&cmd, intbuf);
+ buffer_append (&cmd, " ");
+ 
+- buffer_append (&cmd, "-Ddocument_title=\"");
+- buffer_append (&cmd, title);
+- buffer_append (&cmd, "\" ");
++ buffer_append (&cmd, "-Ddocument_title=\'");
++ if ((cp = shell_escape (title)) != NULL)
++ {
++ buffer_append (&cmd, cp);
++ free (cp);
++ }
++ buffer_append (&cmd, "\' ");
+ 
+ buffer_append (&cmd, "-Dtoc=");
+ buffer_append (&cmd, toc ? "1" : "0");
+@@ -1574,8 +1578,14 @@ name width\theight\tllx\tlly
+ /* Append input files. */
+ for (i = optind; i < argc; i++)
+ {
+- buffer_append (&cmd, " ");
+- buffer_append (&cmd, argv[i]);
++ char *cp;
++ if ((cp = shell_escape (argv[i])) != NULL)
++ {
++ buffer_append (&cmd, " \'");
++ buffer_append (&cmd, cp);
++ buffer_append (&cmd, "\'");
++ free (cp);
++ }
+ }
+ 
+ /* And do the job. */
+@@ -1636,7 +1645,7 @@ name width\theight\tllx\tlly
+ buffer_ptr (opts), buffer_len (opts));
+ }
+ 
+- buffer_append (&buffer, " \"%s\"");
++ buffer_append (&buffer, " \'%s\'");
+ 
+ input_filter = buffer_copy (&buffer);
+ input_filter_stdin = "-";
+diff -u -p -Nr --exclude CVS orig/enscript-1.6.3/src/util.c enscript-1.6.3.CAN-2004-1184/src/util.c
+--- orig/enscript-1.6.3/src/util.c 1999-09-17 17:26:51.000000000 +0200
++++ enscript-1.6.3.CAN-2004-1184/src/util.c 2005-01-05 10:43:23.000000000 +0100
+@@ -1239,6 +1239,8 @@ escape_string (char *string)
+ 
+ /* Create result. */
+ cp = xmalloc (len + 1);
++ if (cp == NULL)
++ return NULL;
+ for (i = 0, j = 0; string[i]; i++)
+ switch (string[i])
+ {
+@@ -1879,6 +1881,7 @@ is_open (InputStream *is, FILE *fp, char
+ char *cmd = NULL;
+ int cmdlen;
+ int i, pos;
++ char *cp;
+ 
+ is->is_pipe = 1;
+ 
+@@ -1902,12 +1905,16 @@ is_open (InputStream *is, FILE *fp, char
+ {
+ case 's':
+ /* Expand cmd-buffer. */
+- cmdlen += strlen (fname);
+- cmd = xrealloc (cmd, cmdlen);
++ if ((cp = shell_escape (fname)) != NULL)
++ {
++ cmdlen += strlen (cp);
++ cmd = xrealloc (cmd, cmdlen);
+ 
+- /* Paste filename. */
+- strcpy (cmd + pos, fname);
+- pos += strlen (fname);
++ /* Paste filename. */
++ strcpy (cmd + pos, cp);
++ pos += strlen (cp);
++ free (cp);
++ }
+ 
+ i++;
+ break;
+@@ -2116,3 +2123,36 @@ buffer_len (Buffer *buffer)
+ {
+ return buffer->len;
+ }
++
++/*
++ * Escapes the name of a file so that the shell groks it in 'single'
++ * quotation marks. The resulting pointer has to be free()ed when not
++ * longer used.
++*/
++char *
++shell_escape(const char *fn)
++{
++ size_t len = 0;
++ const char *inp;
++ char *retval, *outp;
++
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': len += 4; break;
++ default: len += 1; break;
++ }
++
++ outp = retval = malloc(len + 1);
++ if(!outp)
++ return NULL; /* perhaps one should do better error handling here */
++ for(inp = fn; *inp; ++inp)
++ switch(*inp)
++ {
++ case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
++ default: *outp++ = *inp; break;
++ }
++ *outp = 0;
++
++ return retval;
++}
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1184/src/psgen.c enscript-1.6.3.CAN-2004-1185/src/psgen.c
+--- enscript-1.6.3.CAN-2004-1184/src/psgen.c 2005-01-04 20:59:56.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1185/src/psgen.c 2005-01-05 15:22:40.000000000 +0100
+@@ -2385,9 +2385,10 @@ recognize_eps_file (Token *token)
+ MESSAGE (2, (stderr, "^@epsf=\"%s\"\n", token->u.epsf.filename));
+ 
+ i = strlen (token->u.epsf.filename);
++ /*
+ if (i > 0 && token->u.epsf.filename[i - 1] == '|')
+ {
+- /* Read EPS data from pipe. */
++ / * Read EPS data from pipe. * /
+ token->u.epsf.pipe = 1;
+ token->u.epsf.filename[i - 1] = '\0';
+ token->u.epsf.fp = popen (token->u.epsf.filename, "r");
+@@ -2400,6 +2401,7 @@ recognize_eps_file (Token *token)
+ }
+ }
+ else
++ */
+ {
+ char *filename;
+ 
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1185/src/psgen.c enscript-1.6.3.CAN-2004-1186/src/psgen.c
+--- enscript-1.6.3.CAN-2004-1185/src/psgen.c 2005-01-05 15:22:40.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1186/src/psgen.c 2005-01-05 15:22:44.000000000 +0100
+@@ -2034,8 +2034,9 @@ dump_ps_page_header (char *fname, int em
+ else
+ {
+ ftail++;
+- strncpy (buf, fname, ftail - fname);
+- buf[ftail - fname] = '\0';
++ i = ftail - fname >= sizeof (buf)-1 ? sizeof (buf)-1 : ftail - fname;
++ strncpy (buf, fname, i);
++ buf[i] = '\0';
+ }
+ 
+ if (nup > 1)
+diff -u -p -Nr --exclude CVS enscript-1.6.3.CAN-2004-1185/src/util.c enscript-1.6.3.CAN-2004-1186/src/util.c
+--- enscript-1.6.3.CAN-2004-1185/src/util.c 2005-01-05 10:43:23.000000000 +0100
++++ enscript-1.6.3.CAN-2004-1186/src/util.c 2005-01-05 15:22:23.000000000 +0100
+@@ -2003,7 +2003,8 @@ is_getc (InputStream *is)
+ return EOF;
+ 
+ /* Read more data. */
+- is->data_in_buf = fread (is->buf, 1, sizeof (is->buf), is->fp);
++ memset (is->buf, 0, sizeof (is->buf));
++ is->data_in_buf = fread (is->buf, 1, sizeof (is->buf)-1, is->fp);
+ is->bufpos = 0;
+ is->nreads++;
+ 
|
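Review bot: `shell_escape()` (added at the end of src/util.c) rewrites only `'`, so its result is safe only between single quotes, yet the `case 's':` branch of `is_open()` pastes it into the filter template without adding quotes itself. The patch changes the built-in template in main.c to `'%s'`, but nothing in the visible lines checks a template that uses `"%s"` or a bare `%s`, where whitespace and shell metacharacters in the file name would still be interpreted; where other templates come from is outside these hunks, so that needs confirming, and the requirement belongs in a comment at that branch, e.g. `/* cp is only safe inside '...'; the filter template must single-quote %s */`. Every call site also skips the argument when `shell_escape()` returns NULL, so on allocation failure main.c silently drops an input file from the command and `is_open()` runs the filter with no file name; treating NULL as a fatal error would be safer than continuing. In psgen.c the pipe branch of `recognize_eps_file()` is disabled by commenting it out with the inner comment mangled to `/ * ... * /`; wrapping it in `#if 0` / `#endif` (or deleting it) would be clearer, and the functions touched here all start and end outside their hunks.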