diff options
| author |   Mike Frysinger <vapier@gentoo.org> | 2005-08-31 22:24:46 +0000 |
|---|---|---|
| committer | Mike Frysinger <vapier@gentoo.org> | 2005-08-31 22:24:46 +0000 |
| commit | 2cb7663fb7587ccab2b25f90bc27c1e965472024 (patch) | |
| tree | 1342974cfbff15b169d46b74d6b2498fec4c38a2 /games-simulation/openttd | |
| parent | fixed version of openttd now in portage (diff) | |
| download | gentoo-2-2cb7663fb7587ccab2b25f90bc27c1e965472024.tar.gz gentoo-2-2cb7663fb7587ccab2b25f90bc27c1e965472024.tar.bz2 gentoo-2-2cb7663fb7587ccab2b25f90bc27c1e965472024.zip | |
Version bump with security fix #102631 by Alexey Dobriyan.
(Portage version: 2.0.51.22-r2)
Diffstat (limited to 'games-simulation/openttd')
4 files changed, 355 insertions, 1 deletions
diff --git a/games-simulation/openttd/ChangeLog b/games-simulation/openttd/ChangeLog index 7921e266f668..f18b8dee4f7e 100644 --- a/games-simulation/openttd/ChangeLog +++ b/games-simulation/openttd/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for games-simulation/openttd # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.15 2005/08/22 20:27:05 hansmi Exp $ +# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.16 2005/08/31 22:24:46 vapier Exp $ + +*openttd-0.4.0.1-r1 (31 Aug 2005) + + 31 Aug 2005; Mike Frysinger <vapier@gentoo.org> + +files/openttd-0.4.0.1-buffer-checks.patch, +openttd-0.4.0.1-r1.ebuild: + Version bump with security fix #102631 by Alexey Dobriyan. 22 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> openttd-0.4.0.1.ebuild: diff --git a/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 new file mode 100644 index 000000000000..1272ae79fcdd --- /dev/null +++ b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 @@ -0,0 +1 @@ +MD5 ddd9790c86b7ccc68f60761704cbcf81 openttd-0.4.0.1-source.tar.gz 2950778 diff --git a/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch new file mode 100644 index 000000000000..ffebb6c05603 --- /dev/null +++ b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch @@ -0,0 +1,200 @@ +Fix remote buffer overflows and format string attacks. + +Patch by Alexey Dobriyan, diffs taken from upstream svn. + +http://svn.openttd.org/cgi-bin/viewcvs.cgi?rev=2899&view=rev +http://bugs.gentoo.org/show_bug.cgi?id=102631 + +Log Message: +Fix: Several format string vulnerabilities and buffer overflows in the network code + +--- /trunk/console_cmds.c 2005/08/28 10:59:34 2898 ++++ trunk/console_cmds.c 2005/08/28 12:24:57 2899 +@@ -1132,7 +1132,7 @@ + SEND_COMMAND(PACKET_CLIENT_SET_NAME)(_network_player_name); + } else { + if (NetworkFindName(_network_player_name)) { +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, _network_player_name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", _network_player_name); + ttd_strlcpy(ci->client_name, _network_player_name, sizeof(ci->client_name)); + NetworkUpdateClientInfo(NETWORK_SERVER_INDEX); + } +--- /trunk/network.c 2005/08/28 10:59:34 2898 ++++ trunk/network.c 2005/08/28 12:24:57 2899 +@@ -100,7 +100,7 @@ + char temp[1024]; + + va_start(va, str); +- vsprintf(buf, str, va); ++ vsnprintf(buf, lengthof(buf), str, va); + va_end(va); + + switch (action) { +@@ -499,7 +499,7 @@ + + GetString(str, STR_NETWORK_ERR_CLIENT_GENERAL + errorno); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + // Inform other clients of this... strange leaving ;) + FOR_ALL_CLIENTS(new_cs) { +--- /trunk/network_client.c 2005/08/28 10:59:34 2898 ++++ trunk/network_client.c 2005/08/28 12:24:57 2899 +@@ -349,7 +349,7 @@ + if (ci != NULL) { + if (playas == ci->client_playas && strcmp(name, ci->client_name) != 0) { + // Client name changed, display the change +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", name); + } else if (playas != ci->client_playas) { + // The player changed from client-player.. + // Do not display that for now +@@ -666,7 +666,7 @@ + + ci = NetworkFindClientInfoFromIndex(index); + if (ci != NULL) { +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str); + + // The client is gone, give the NetworkClientInfo free + ci->client_index = NETWORK_EMPTY_INDEX; +@@ -684,11 +684,11 @@ + NetworkClientInfo *ci; + + index = NetworkRecv_uint16(MY_CLIENT, p); +- NetworkRecv_string(MY_CLIENT, p, str, 100); ++ NetworkRecv_string(MY_CLIENT, p, str, lengthof(str)); + + ci = NetworkFindClientInfoFromIndex(index); + if (ci != NULL) { +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str); + + // The client is gone, give the NetworkClientInfo free + ci->client_index = NETWORK_EMPTY_INDEX; +--- /trunk/network_server.c 2005/08/28 10:59:34 2898 ++++ trunk/network_server.c 2005/08/28 12:24:57 2899 +@@ -162,7 +162,7 @@ + + DEBUG(net, 2)("[NET] %s made an error (%s) and his connection is closed", client_name, str); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH && new_cs != cs) { +@@ -904,7 +904,7 @@ + + DEBUG(net, 2)("[NET] %s reported an error and is closing his connection (%s)", client_name, str); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH) { +@@ -929,11 +929,11 @@ + return; + } + +- NetworkRecv_string(cs, p, str, 100); ++ NetworkRecv_string(cs, p, str, lengthof(str)); + + NetworkGetClientName(client_name, sizeof(client_name), cs); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH) { +@@ -1108,7 +1108,7 @@ + if (ci != NULL) { + // Display change + if (NetworkFindName(client_name)) { +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, client_name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", client_name); + ttd_strlcpy(ci->client_name, client_name, sizeof(ci->client_name)); + NetworkUpdateClientInfo(ci->client_index); + } +--- /trunk/texteff.c 2005/08/28 10:59:34 2898 ++++ trunk/texteff.c 2005/08/28 12:24:57 2899 +@@ -62,7 +62,7 @@ + int length; + + va_start(va, message); +- vsprintf(buf, message, va); ++ vsnprintf(buf, lengthof(buf), message, va); + va_end(va); + + /* Special color magic */ +--- openttd/os2.c ++++ openttd/os2.c +@@ -642,7 +642,7 @@ static long CDECL MidiSendCommand(const + va_list va; + char buf[512]; + va_start(va, cmd); +- vsprintf(buf, cmd, va); ++ vsnprintf(buf, sizeof(buf), cmd, va); + va_end(va); + return mciSendString(buf, NULL, 0, NULL, 0); + } +--- openttd/strgen/strgen.c ++++ openttd/strgen/strgen.c +@@ -84,7 +84,7 @@ void warning(const char *s, ...) { + char buf[1024]; + va_list va; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + fprintf(stderr, "%d: ERROR: %s\n", _cur_line, buf); + _warnings = true; +@@ -94,7 +94,7 @@ void NORETURN error(const char *s, ...) + char buf[1024]; + va_list va; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + fprintf(stderr, "%d: FATAL: %s\n", _cur_line, buf); + exit(1); +--- openttd/ttd.c ++++ openttd/ttd.c +@@ -70,7 +70,7 @@ void CDECL error(const char *s, ...) { + va_list va; + char buf[512]; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + + ShowOSErrorBox(buf); +@@ -86,7 +86,7 @@ void CDECL ShowInfoF(const char *str, .. + va_list va; + char buf[1024]; + va_start(va, str); +- vsprintf(buf, str, va); ++ vsnprintf(buf, sizeof(buf), str, va); + va_end(va); + ShowInfo(buf); + } +@@ -99,7 +99,7 @@ char * CDECL str_fmt(const char *str, .. + char *p; + + va_start(va, str); +- len = vsprintf(buf, str, va); ++ len = vsnprintf(buf, sizeof(buf), str, va); + va_end(va); + p = malloc(len + 1); + if (p) +--- openttd/win32.c ++++ openttd/win32.c +@@ -841,7 +841,7 @@ static long CDECL MidiSendCommand(const + char buf[512]; + + va_start(va, cmd); +- vsprintf(buf, cmd, va); ++ vsnprintf(buf, sizeof(buf), cmd, va); + va_end(va); + return mciSendStringA(buf, NULL, 0, 0); + } diff --git a/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild new file mode 100644 index 000000000000..bde077dd018c --- /dev/null +++ b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild @@ -0,0 +1,147 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild,v 1.1 2005/08/31 22:24:46 vapier Exp $ + +inherit eutils games + +DESCRIPTION="OpenTTD is a clone of Transport Tycoon Deluxe" +HOMEPAGE="http://www.openttd.com/" +SRC_URI="mirror://sourceforge/openttd/${P}-source.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="debug png zlib timidity alsa dedicated" + +DEPEND="media-libs/libsdl + png? ( media-libs/libpng ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND} + !dedicated? ( + timidity? ( media-sound/timidity++ ) + !timidity? ( alsa? ( media-sound/alsa-utils ) ) + )" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-buffer-checks.patch +} + +src_compile() { + local myopts="" + use debug && myopts="${myopts} DEBUG=1" + use dedicated && myopts="${myopts} DEDICATED=1" + use png && myopts="${myopts} WITH_PNG=1" + use zlib && myopts="${myopts} WITH_ZLIB=1" + if ! use dedicated; then + myopts="${myopts} WITH_SDL=1" + if ! use timidity; then + use alsa && myopts="${myopts} MIDI=/usr/bin/aplaymidi" + fi + fi + + emake -j1 \ + MANUAL_CONFIG=1 \ + UNIX=1 \ + WITH_NETWORK=1 \ + INSTALL=1 \ + RELEASE=${PV} \ + USE_HOMEDIR=1 \ + PERSONAL_DIR=.openttd \ + PREFIX=/usr \ + DATA_DIR=share/games/${PN} \ + ${myopts} \ + || die "emake failed" +} + +src_install() { + dogamesbin openttd || die "dogamesbin failed" + + insinto "${GAMES_DATADIR}/${PN}/data" + doins data/* || die "doins failed (data)" + + insinto "${GAMES_DATADIR}/${PN}/lang" + doins lang/*.lng || die "doins failed (lang)" + + insinto "${GAMES_DATADIR}/${PN}/scenario" + doins scenario/* || die "doins failed (scenario)" + + insinto "${GAMES_DATADIR}/${PN}/scripts" + doins scripts/*.example || die "doins failed (scripts)" + + doicon media/openttd.*.png + + if ! use dedicated; then + if use timidity || use alsa; then + make_desktop_entry "openttd -m extmidi" "OpenTTD" openttd.64.png + else + make_desktop_entry openttd "OpenTTD" openttd.64.png + fi + else + newinitd "${FILESDIR}"/openttd.initd openttd + fi + + dodoc readme.txt changelog.txt docs/Manual.txt docs/console.txt \ + docs/multiplayer.txt + newdoc scripts/readme.txt readme_scripts.txt + doman docs/openttd.6 + prepgamesdirs +} + +pkg_postinst() { + games_pkg_postinst + + echo + einfo "In order to play, you must copy the following 6 files from " + einfo "a version of TTD to ${GAMES_DATADIR}/${PN}/data/." + echo + einfo "From the WINDOWS version you need: " + einfo " sample.cat trg1r.grf trgcr.grf trghr.grf trgir.grf trgtr.grf" + einfo "OR from the DOS version you need: " + einfo " SAMPLE.CAT TRG1.GRF TRGC.GRF TRGH.GRF TRGI.GRF TRGT.GRF" + echo + einfo "Scenarios are installed to ${GAMES_DATADIR}/${PN}/scenario," + einfo "you will have to symlink them to ~/.openttd/scenario in order" + einfo "to use them." + einfo "Example:" + einfo " mkdir -p ~/.openttd/scenario" + einfo " ln -s ${GAMES_DATADIR}/${PN}/scenario/* ~/.openttd/scenario/" + echo + einfo "File names are case sensitive so make sure they are " + einfo "correct for whichever version you have." + echo + + if use dedicated; then + einfo "You have chosen the dedicated USE flag which builds a " + einfo "version of OpenTTD to be used as a game server which " + einfo "does not require SDL. You will not be able to play the " + einfo "game, but if you don't pass this flag you can still use " + einfo "it as a server in the same way, but SDL will be required." + echo + ewarn "Warning: The init script will kill all running openttd" + ewarn "processes when run, including any running client sessions!" + echo + else + if use timidity || use alsa; then + einfo "If you want music, you must copy the gm/ directory" + einfo "to ${GAMES_DATADIR}/${PN}/" + einfo "You can enable MIDI by running:" + einfo " openttd -m extmidi" + echo + if use timidity; then + einfo "You also need soundfonts for timidity, if you don't" + einfo "know what that is, do:" + echo + einfo "emerge media-sound/timidity-eawpatches" + else + einfo "You have emerged with 'aplaymidi' for playing MIDI." + einfo "You have to set the environment variable ALSA_OUTPUT_PORTS." + einfo "Available ports can be listed by using 'aplaymidi -l'." + fi + else + einfo "timidity and/or alsa not in USE so music will not be played during the game." + fi + echo + fi +} |