Added patch to fix security issue

3 files changed, 73 insertions, 2 deletions

diff --git a/net-mail/exim/ChangeLog b/net-mail/exim/ChangeLog
index bb65720a70f0..306fc5d447a9 100644
--- a/net-mail/exim/ChangeLog
+++ b/net-mail/exim/ChangeLog
@@ -1,6 +1,9 @@
 # ChangeLog for net-mail/exim
 # Copyright 2002 Gentoo Technologies, Inc.; Distributed under the GPL
-# $Header: /var/cvsroot/gentoo-x86/net-mail/exim/ChangeLog,v 1.16 2002/12/13 11:00:07 blizzy Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-mail/exim/ChangeLog,v 1.17 2002/12/15 14:03:57 aliz Exp $
+
+  15 Dec 2002; Daniel Ahlberg <aliz@gentoo.org> : exim-4.10.ebuild
+  Added patch to fix security issue.
 
   06 Dec 2002; Rodney Rees <manson@gentoo.org> : changed sparc ~sparc keywords
  
diff --git a/net-mail/exim/exim-4.10.ebuild b/net-mail/exim/exim-4.10.ebuild
index 757596cae17e..c440892049c2 100644
--- a/net-mail/exim/exim-4.10.ebuild
+++ b/net-mail/exim/exim-4.10.ebuild
@@ -1,7 +1,7 @@
 # Copyright 1999-2002 Gentoo Technologies, Inc.
 # Distributed under the terms of the GNU General Public License v2
 # Updated to exim-4 by Ben Lutgens <lamer@gentoo.org>
-# $Header: /var/cvsroot/gentoo-x86/net-mail/exim/exim-4.10.ebuild,v 1.2 2002/12/09 04:33:14 manson Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-mail/exim/exim-4.10.ebuild,v 1.3 2002/12/15 14:03:57 aliz Exp $
 
 IUSE="tcpd ssl postgres mysql ldap pam"
 
@@ -36,6 +36,9 @@ src_unpack() {
 
 	local myconf
 	unpack ${A}
+
+	cd ${S}/src
+	patch < ${FILESDIR}/${PF}-gentoo.diff || die	
 	cd ${S}
 
 	einfo "Patching exiscan support into exim ${PV}.."
diff --git a/net-mail/exim/files/exim-4.10-gentoo.diff b/net-mail/exim/files/exim-4.10-gentoo.diff
new file mode 100644
index 000000000000..6be612358fa0
--- /dev/null
+++ b/net-mail/exim/files/exim-4.10-gentoo.diff
@@ -0,0 +1,65 @@
+*** exim-4.10/src/daemon.c  Mon Jul 22 09:59:48 2002
+- --- daemon.c   Wed Dec  4 10:52:04 2002
+***************
+*** 960,991 ****
+    (b) When -bd is used and -oX is not used, or
+    (c) When -oP is used to supply a path.
+
+! The variable daemon_write_pid is used to control this.
+
+- - Note re use of sprintf: spool_directory and pid_file_path are checked on
+- - input to be < 200 characters. */
+- -
+  if (running_in_test_harness || daemon_write_pid)
+    {
+    FILE *f;
+- -   uschar buff[256];
+- -
+    if (pid_file_path[0] == 0)
+!     sprintf(CS buff, "%s/exim-daemon.pid", spool_directory);
+!   else
+!     sprintf(CS buff, CS pid_file_path, "");   /* Backward compatibility */
+
+!   f = Ufopen(buff, "wb");
+    if (f != NULL)
+      {
+      fprintf(f, "%d\n", (int)getpid());
+      fchmod(fileno(f), 0644);
+      fclose(f);
+!     DEBUG(D_any) debug_printf("pid written to %s\n", buff);
+      }
+    else
+      DEBUG(D_any)
+!       debug_printf("%s\n", string_open_failed(errno, "pid file %s", buff));
+    }
+
+  /* Set up the handler for SIGHUP, which causes a restart of the daemon. */
+- --- 960,987 ----
+    (b) When -bd is used and -oX is not used, or
+    (c) When -oP is used to supply a path.
+
+! The variable daemon_write_pid is used to control this. */
+
+  if (running_in_test_harness || daemon_write_pid)
+    {
+    FILE *f;
+    if (pid_file_path[0] == 0)
+!     pid_file_path = string_sprintf("%s/exim-daemon.pid", spool_directory);
+
+!   f = Ufopen(pid_file_path, "wb");
+    if (f != NULL)
+      {
+      fprintf(f, "%d\n", (int)getpid());
+      fchmod(fileno(f), 0644);
+      fclose(f);
+!     DEBUG(D_any) debug_printf("pid written to %s\n", pid_file_path);
+      }
+    else
++     {
+      DEBUG(D_any)
+!       debug_printf("%s\n", string_open_failed(errno, "pid file %s",
+!         pid_file_path));
+!     }
+    }
+
+  /* Set up the handler for SIGHUP, which causes a restart of the daemon. */