authorPeter Alfredsen <loki_val@gentoo.org>2008-07-06 19:37:19 +0000
committerPeter Alfredsen <loki_val@gentoo.org>2008-07-06 19:37:19 +0000
commit4e64a659114ee82dc02cb87555c5d828a17f0cce (patch)
treebfe2a7b6374bd250a2dbed30a7cf6c3618b83bdf /media-sound
parentStable on sparc, bug #230826 (diff)
Security bump for CVE-2008-2040 wrt bug #220281
(Portage version: 2.2_rc1/cvs/Linux 2.6.25.8 i686)
Diffstat (limited to 'media-sound')
-rw-r--r--media-sound/peercast/ChangeLog9
-rw-r--r--media-sound/peercast/files/peercast-0.1218-CVE-2008-2040.patch122
-rw-r--r--media-sound/peercast/peercast-0.1218-r1.ebuild (renamed from media-sound/peercast/peercast-0.1217.ebuild)27
3 files changed, 141 insertions, 17 deletions
diff --git a/media-sound/peercast/ChangeLog b/media-sound/peercast/ChangeLog
index 901b7817bb69..1234f76e3f63 100644
--- a/media-sound/peercast/ChangeLog
+++ b/media-sound/peercast/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for media-sound/peercast
# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/media-sound/peercast/ChangeLog,v 1.17 2008/01/11 08:02:53 opfer Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-sound/peercast/ChangeLog,v 1.18 2008/07/06 19:37:18 loki_val Exp $
+
+*peercast-0.1218-r1 (06 Jul 2008)
+
+ 06 Jul 2008; Peter Alfredsen <loki_val@gentoo.org>
+ +files/peercast-0.1218-CVE-2008-2040.patch, -peercast-0.1217.ebuild,
+ +peercast-0.1218-r1.ebuild:
+ Security bump for CVE-2008-2040 wrt bug #220281
11 Jan 2008; Christian Faulhammer <opfer@gentoo.org>
peercast-0.1218.ebuild:
diff --git a/media-sound/peercast/files/peercast-0.1218-CVE-2008-2040.patch b/media-sound/peercast/files/peercast-0.1218-CVE-2008-2040.patch
new file mode 100644
index 000000000000..23037ac82b74
--- /dev/null
+++ b/media-sound/peercast/files/peercast-0.1218-CVE-2008-2040.patch
@@ -0,0 +1,122 @@
+diff -Nurad peercast-0.1218+svn20080104/core/common/channel.cpp peercast-0.1218+svn20080104.new/core/common/channel.cpp
+--- peercast-0.1218+svn20080104/core/common/channel.cpp 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/channel.cpp 2008-04-30 17:45:28.000000000 +0200
+@@ -440,7 +440,7 @@
+ if (http.isHeader(PCX_HS_POS))
+ streamPos = atoi(arg);
+ else
+- Servent::readICYHeader(http, info, NULL);
++ Servent::readICYHeader(http, info, NULL, 0);
+
+ LOG_CHANNEL("Channel fetch: %s",http.cmdLine);
+ }
+diff -Nurad peercast-0.1218+svn20080104/core/common/http.cpp peercast-0.1218+svn20080104.new/core/common/http.cpp
+--- peercast-0.1218+svn20080104/core/common/http.cpp 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/http.cpp 2008-04-30 17:45:28.000000000 +0200
+@@ -102,7 +102,7 @@
+ return 0;
+ }
+ //-----------------------------------------
+-void HTTP::getAuthUserPass(char *user, char *pass)
++void HTTP::getAuthUserPass(char *user, char *pass, size_t ulen, size_t plen)
+ {
+ if (arg)
+ {
+@@ -119,10 +119,14 @@
+ if (s)
+ {
+ *s = 0;
+- if (user)
+- strcpy(user,str.cstr());
+- if (pass)
+- strcpy(pass,s+1);
++ if (user){
++ strncpy(user,str.cstr(), ulen);
++ user[ulen - 1] = 0;
++ }
++ if (pass){
++ strncpy(pass,s+1, plen);
++ pass[plen - 1] = 0;
++ }
+ }
+ }
+ }
+diff -Nurad peercast-0.1218+svn20080104/core/common/http.h peercast-0.1218+svn20080104.new/core/common/http.h
+--- peercast-0.1218+svn20080104/core/common/http.h 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/http.h 2008-04-30 17:45:28.000000000 +0200
+@@ -176,7 +176,7 @@
+ char *getArgStr();
+ int getArgInt();
+
+- void getAuthUserPass(char *, char *);
++ void getAuthUserPass(char *, char *, size_t, size_t);
+
+ char cmdLine[8192],*arg;
+
+diff -Nurad peercast-0.1218+svn20080104/core/common/servent.h peercast-0.1218+svn20080104.new/core/common/servent.h
+--- peercast-0.1218+svn20080104/core/common/servent.h 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/servent.h 2008-04-30 17:45:28.000000000 +0200
+@@ -206,7 +206,7 @@
+ void sendPCPChannel();
+ void checkPCPComms(Channel *, AtomStream &);
+
+- static void readICYHeader(HTTP &, ChanInfo &, char *);
++ static void readICYHeader(HTTP &, ChanInfo &, char *, size_t);
+ bool canStream(Channel *);
+
+ bool isConnected() {return status == S_CONNECTED;}
+diff -Nurad peercast-0.1218+svn20080104/core/common/servhs.cpp peercast-0.1218+svn20080104.new/core/common/servhs.cpp
+--- peercast-0.1218+svn20080104/core/common/servhs.cpp 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/servhs.cpp 2008-04-30 17:45:28.000000000 +0200
+@@ -587,7 +587,7 @@
+ {
+ case ServMgr::AUTH_HTTPBASIC:
+ if (http.isHeader("Authorization"))
+- http.getAuthUserPass(user,pass);
++ http.getAuthUserPass(user,pass, sizeof(user), sizeof(pass));
+ break;
+ case ServMgr::AUTH_COOKIE:
+ if (http.isHeader("Cookie"))
+@@ -1405,7 +1405,7 @@
+
+ }
+ // -----------------------------------
+-void Servent::readICYHeader(HTTP &http, ChanInfo &info, char *pwd)
++void Servent::readICYHeader(HTTP &http, ChanInfo &info, char *pwd, size_t plen)
+ {
+ char *arg = http.getArgStr();
+ if (!arg) return;
+@@ -1429,8 +1429,10 @@
+ info.desc.set(arg,String::T_ASCII);
+ info.desc.convertTo(String::T_UNICODE);
+
+- }else if (http.isHeader("Authorization"))
+- http.getAuthUserPass(NULL,pwd);
++ }else if (http.isHeader("Authorization")){
++ if(pwd)
++ http.getAuthUserPass(NULL,pwd, 0, plen);
++ }
+ else if (http.isHeader(PCX_HS_CHANNELID))
+ info.id.fromStr(arg);
+ else if (http.isHeader("ice-password"))
+@@ -1501,7 +1503,7 @@
+ while (http.nextHeader())
+ {
+ LOG_DEBUG("ICY %s",http.cmdLine);
+- readICYHeader(http,info,loginPassword.cstr());
++ readICYHeader(http,info,loginPassword.cstr(), String::MAX_LEN);
+ }
+
+
+diff -Nurad peercast-0.1218+svn20080104/core/common/url.cpp peercast-0.1218+svn20080104.new/core/common/url.cpp
+--- peercast-0.1218+svn20080104/core/common/url.cpp 2008-04-01 13:59:52.000000000 +0200
++++ peercast-0.1218+svn20080104.new/core/common/url.cpp 2008-04-30 17:45:28.000000000 +0200
+@@ -171,7 +171,7 @@
+ LOG_CHANNEL("Fetch HTTP: %s",http.cmdLine);
+
+ ChanInfo tmpInfo = ch->info;
+- Servent::readICYHeader(http,ch->info,NULL);
++ Servent::readICYHeader(http,ch->info,NULL, 0);
+
+ if (!tmpInfo.name.isEmpty())
+ ch->info.name = tmpInfo.name;
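Review bot: In the http.cpp hunk of the embedded patch, `user[ulen - 1] = 0;` and `pass[plen - 1] = 0;` assume a non-zero length, and since the lengths are `size_t`, a zero length paired with a non-null buffer would wrap the index and write far outside the buffer. The callers visible in this patch avoid that pairing (readICYHeader passes `NULL` with `0` and now checks `if(pwd)`), but the guard belongs in getAuthUserPass itself: `if (user && ulen) {` and `if (pass && plen) {`. The servhs.cpp call that passes `String::MAX_LEN` for `loginPassword.cstr()` is only safe if that buffer holds at least MAX_LEN bytes, which this patch does not show and should be confirmed. Over-long credentials are now silently truncated rather than rejected, so it is worth checking that a truncated value can never compare equal to a configured one. The body of getAuthUserPass starts and continues outside the hunk, so the decoding step that fills `str` is not reviewed here.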
diff --git a/media-sound/peercast/peercast-0.1217.ebuild b/media-sound/peercast/peercast-0.1218-r1.ebuild
index da70c1cf4143..59aac44d34e6 100644
--- a/media-sound/peercast/peercast-0.1217.ebuild
+++ b/media-sound/peercast/peercast-0.1218-r1.ebuild
@@ -1,8 +1,8 @@
-# Copyright 1999-2007 Gentoo Foundation
+# Copyright 1999-2008 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
-# $Header: /var/cvsroot/gentoo-x86/media-sound/peercast/peercast-0.1217.ebuild,v 1.4 2007/01/05 17:42:52 flameeyes Exp $
+# $Header: /var/cvsroot/gentoo-x86/media-sound/peercast/peercast-0.1218-r1.ebuild,v 1.1 2008/07/06 19:37:18 loki_val Exp $
-inherit eutils toolchain-funcs flag-o-matic
+inherit eutils toolchain-funcs flag-o-matic base
IUSE=""
@@ -16,29 +16,24 @@ SRC_URI="http://www.peercast.org/src/${P}-src.tgz"
LICENSE="GPL-2"
SLOT="0"
-KEYWORDS="amd64 x86"
+KEYWORDS="~amd64 ~x86"
DEPEND=""
RDEPEND=""
-
-src_unpack() {
- unpack ${A}
- cd ${S}
-
- epatch "${FILESDIR}/${PN}-0.1216-makefile.patch"
- epatch "${FILESDIR}/${PN}-0.1216-amd64.patch"
-}
+PATCHES=( "${FILESDIR}/${P}-CVE-2008-2040.patch"
+ "${FILESDIR}/${PN}-0.1216-makefile.patch"
+ "${FILESDIR}/${PN}-0.1216-amd64.patch" )
src_compile() {
append-ldflags -pthread
- cd ${S}/ui/linux
+ cd "${S}"/ui/linux
emake CC="$(tc-getCC)" CXX="$(tc-getCXX)" AR="$(tc-getAR)" \
LDFLAGS="${LDFLAGS}" || die "emake failed"
}
src_install() {
- cd ${S}/ui/linux
+ cd "${S}"/ui/linux
exeinto /usr/sbin
newexe "${FILESDIR}/peercast.wrapper.sh" peercast
@@ -47,8 +42,8 @@ src_install() {
doexe peercast
dodir /usr/share/peercast
- cd ${S}/ui
- cp -R html ${D}/usr/share/peercast/
+ cd "${S}"/ui
+ cp -R html "${D}"/usr/share/peercast/
newinitd "${FILESDIR}/peercast.init.gpl" peercast
}
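Review bot: In src_install, `cp -R html "${D}"/usr/share/peercast/` and the `cd "${S}"/ui` before it have no `|| die`, so a failed copy would yield a package without its HTML files and no build error. Since these lines are already being touched for quoting, add the check: `cp -R html "${D}"/usr/share/peercast/ || die "cp failed"`, and likewise `cd "${S}"/ui || die`. src_install begins in the previous hunk, so only its tail is visible here.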