diff options
author | Mike Frysinger <vapier@gentoo.org> | 2005-08-31 22:24:46 +0000 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2005-08-31 22:24:46 +0000 |
commit | d86ff5a69394c7e41fc191a3402b3d69cf44affe (patch) | |
tree | 6982641aeb9ec21d961f2f9c02de38e701278063 /games-simulation | |
parent | fixed version of openttd now in portage (diff) | |
download | historical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.tar.gz historical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.tar.bz2 historical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.zip |
Version bump with security fix #102631 by Alexey Dobriyan.
Package-Manager: portage-2.0.51.22-r2
Diffstat (limited to 'games-simulation')
-rw-r--r-- | games-simulation/openttd/ChangeLog | 8 | ||||
-rw-r--r-- | games-simulation/openttd/Manifest | 21 | ||||
-rw-r--r-- | games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 | 1 | ||||
-rw-r--r-- | games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch | 200 | ||||
-rw-r--r-- | games-simulation/openttd/openttd-0.4.0.1-r1.ebuild | 147 |
5 files changed, 369 insertions, 8 deletions
diff --git a/games-simulation/openttd/ChangeLog b/games-simulation/openttd/ChangeLog index 7921e266f668..f18b8dee4f7e 100644 --- a/games-simulation/openttd/ChangeLog +++ b/games-simulation/openttd/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for games-simulation/openttd # Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.15 2005/08/22 20:27:05 hansmi Exp $ +# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.16 2005/08/31 22:24:46 vapier Exp $ + +*openttd-0.4.0.1-r1 (31 Aug 2005) + + 31 Aug 2005; Mike Frysinger <vapier@gentoo.org> + +files/openttd-0.4.0.1-buffer-checks.patch, +openttd-0.4.0.1-r1.ebuild: + Version bump with security fix #102631 by Alexey Dobriyan. 22 Aug 2005; Michael Hanselmann <hansmi@gentoo.org> openttd-0.4.0.1.ebuild: diff --git a/games-simulation/openttd/Manifest b/games-simulation/openttd/Manifest index 3f71a93b65ee..4fea27d15c2a 100644 --- a/games-simulation/openttd/Manifest +++ b/games-simulation/openttd/Manifest @@ -1,9 +1,16 @@ -MD5 722fc70915d614092fed4f3f2a17db2b openttd-0.4.0.1.ebuild 4232 -MD5 0545a9ceee2db438f49045bfdb8098ce openttd-0.4.0.ebuild 4229 +-----BEGIN PGP SIGNED MESSAGE----- +Hash: SHA1 + MD5 7efefbbe81a05cbc5d4e96203f047fda metadata.xml 245 -MD5 d60e38ed26fea31f2f822235ec4e404b ChangeLog 2705 -MD5 b4920ba6225a18cedcb6887038f11a7d openttd-0.3.6-r1.ebuild 4180 -MD5 ebb13a7591c4ec12f1bb5e25fb8aff18 files/digest-openttd-0.4.0 70 +MD5 44e37a7863de4415a5b4506e41cac6cc openttd-0.4.0.1-r1.ebuild 4349 +MD5 f30148c9a866518fbe2a3ff864bf52eb ChangeLog 2926 +MD5 58b6f8b5a58925f558524fcb4c2711fc files/digest-openttd-0.4.0.1-r1 75 +MD5 43ec527a9d656d58d852c2a828458840 files/openttd-0.4.0.1-buffer-checks.patch 6632 MD5 a169eb5c8572ee01be52c4accf2608a2 files/openttd.initd 529 -MD5 58b6f8b5a58925f558524fcb4c2711fc files/digest-openttd-0.4.0.1 75 -MD5 706c1f4a051e6472683d79b75f3def11 files/digest-openttd-0.3.6-r1 73 +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.2 (GNU/Linux) + +iD8DBQFDFi5GgIKl8Uu19MoRAoucAJ4iMs3Pvt6AbH3Skp5gnb8NQBnXbQCfWpef +zmYPIP4odss96btzEoFe67U= +=O99E +-----END PGP SIGNATURE----- diff --git a/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 new file mode 100644 index 000000000000..1272ae79fcdd --- /dev/null +++ b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 @@ -0,0 +1 @@ +MD5 ddd9790c86b7ccc68f60761704cbcf81 openttd-0.4.0.1-source.tar.gz 2950778 diff --git a/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch new file mode 100644 index 000000000000..ffebb6c05603 --- /dev/null +++ b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch @@ -0,0 +1,200 @@ +Fix remote buffer overflows and format string attacks. + +Patch by Alexey Dobriyan, diffs taken from upstream svn. + +http://svn.openttd.org/cgi-bin/viewcvs.cgi?rev=2899&view=rev +http://bugs.gentoo.org/show_bug.cgi?id=102631 + +Log Message: +Fix: Several format string vulnerabilities and buffer overflows in the network code + +--- /trunk/console_cmds.c 2005/08/28 10:59:34 2898 ++++ trunk/console_cmds.c 2005/08/28 12:24:57 2899 +@@ -1132,7 +1132,7 @@ + SEND_COMMAND(PACKET_CLIENT_SET_NAME)(_network_player_name); + } else { + if (NetworkFindName(_network_player_name)) { +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, _network_player_name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", _network_player_name); + ttd_strlcpy(ci->client_name, _network_player_name, sizeof(ci->client_name)); + NetworkUpdateClientInfo(NETWORK_SERVER_INDEX); + } +--- /trunk/network.c 2005/08/28 10:59:34 2898 ++++ trunk/network.c 2005/08/28 12:24:57 2899 +@@ -100,7 +100,7 @@ + char temp[1024]; + + va_start(va, str); +- vsprintf(buf, str, va); ++ vsnprintf(buf, lengthof(buf), str, va); + va_end(va); + + switch (action) { +@@ -499,7 +499,7 @@ + + GetString(str, STR_NETWORK_ERR_CLIENT_GENERAL + errorno); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + // Inform other clients of this... strange leaving ;) + FOR_ALL_CLIENTS(new_cs) { +--- /trunk/network_client.c 2005/08/28 10:59:34 2898 ++++ trunk/network_client.c 2005/08/28 12:24:57 2899 +@@ -349,7 +349,7 @@ + if (ci != NULL) { + if (playas == ci->client_playas && strcmp(name, ci->client_name) != 0) { + // Client name changed, display the change +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", name); + } else if (playas != ci->client_playas) { + // The player changed from client-player.. + // Do not display that for now +@@ -666,7 +666,7 @@ + + ci = NetworkFindClientInfoFromIndex(index); + if (ci != NULL) { +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str); + + // The client is gone, give the NetworkClientInfo free + ci->client_index = NETWORK_EMPTY_INDEX; +@@ -684,11 +684,11 @@ + NetworkClientInfo *ci; + + index = NetworkRecv_uint16(MY_CLIENT, p); +- NetworkRecv_string(MY_CLIENT, p, str, 100); ++ NetworkRecv_string(MY_CLIENT, p, str, lengthof(str)); + + ci = NetworkFindClientInfoFromIndex(index); + if (ci != NULL) { +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str); + + // The client is gone, give the NetworkClientInfo free + ci->client_index = NETWORK_EMPTY_INDEX; +--- /trunk/network_server.c 2005/08/28 10:59:34 2898 ++++ trunk/network_server.c 2005/08/28 12:24:57 2899 +@@ -162,7 +162,7 @@ + + DEBUG(net, 2)("[NET] %s made an error (%s) and his connection is closed", client_name, str); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH && new_cs != cs) { +@@ -904,7 +904,7 @@ + + DEBUG(net, 2)("[NET] %s reported an error and is closing his connection (%s)", client_name, str); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH) { +@@ -929,11 +929,11 @@ + return; + } + +- NetworkRecv_string(cs, p, str, 100); ++ NetworkRecv_string(cs, p, str, lengthof(str)); + + NetworkGetClientName(client_name, sizeof(client_name), cs); + +- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str); ++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str); + + FOR_ALL_CLIENTS(new_cs) { + if (new_cs->status > STATUS_AUTH) { +@@ -1108,7 +1108,7 @@ + if (ci != NULL) { + // Display change + if (NetworkFindName(client_name)) { +- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, client_name); ++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", client_name); + ttd_strlcpy(ci->client_name, client_name, sizeof(ci->client_name)); + NetworkUpdateClientInfo(ci->client_index); + } +--- /trunk/texteff.c 2005/08/28 10:59:34 2898 ++++ trunk/texteff.c 2005/08/28 12:24:57 2899 +@@ -62,7 +62,7 @@ + int length; + + va_start(va, message); +- vsprintf(buf, message, va); ++ vsnprintf(buf, lengthof(buf), message, va); + va_end(va); + + /* Special color magic */ +--- openttd/os2.c ++++ openttd/os2.c +@@ -642,7 +642,7 @@ static long CDECL MidiSendCommand(const + va_list va; + char buf[512]; + va_start(va, cmd); +- vsprintf(buf, cmd, va); ++ vsnprintf(buf, sizeof(buf), cmd, va); + va_end(va); + return mciSendString(buf, NULL, 0, NULL, 0); + } +--- openttd/strgen/strgen.c ++++ openttd/strgen/strgen.c +@@ -84,7 +84,7 @@ void warning(const char *s, ...) { + char buf[1024]; + va_list va; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + fprintf(stderr, "%d: ERROR: %s\n", _cur_line, buf); + _warnings = true; +@@ -94,7 +94,7 @@ void NORETURN error(const char *s, ...) + char buf[1024]; + va_list va; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + fprintf(stderr, "%d: FATAL: %s\n", _cur_line, buf); + exit(1); +--- openttd/ttd.c ++++ openttd/ttd.c +@@ -70,7 +70,7 @@ void CDECL error(const char *s, ...) { + va_list va; + char buf[512]; + va_start(va, s); +- vsprintf(buf, s, va); ++ vsnprintf(buf, sizeof(buf), s, va); + va_end(va); + + ShowOSErrorBox(buf); +@@ -86,7 +86,7 @@ void CDECL ShowInfoF(const char *str, .. + va_list va; + char buf[1024]; + va_start(va, str); +- vsprintf(buf, str, va); ++ vsnprintf(buf, sizeof(buf), str, va); + va_end(va); + ShowInfo(buf); + } +@@ -99,7 +99,7 @@ char * CDECL str_fmt(const char *str, .. + char *p; + + va_start(va, str); +- len = vsprintf(buf, str, va); ++ len = vsnprintf(buf, sizeof(buf), str, va); + va_end(va); + p = malloc(len + 1); + if (p) +--- openttd/win32.c ++++ openttd/win32.c +@@ -841,7 +841,7 @@ static long CDECL MidiSendCommand(const + char buf[512]; + + va_start(va, cmd); +- vsprintf(buf, cmd, va); ++ vsnprintf(buf, sizeof(buf), cmd, va); + va_end(va); + return mciSendStringA(buf, NULL, 0, 0); + } diff --git a/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild new file mode 100644 index 000000000000..bde077dd018c --- /dev/null +++ b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild @@ -0,0 +1,147 @@ +# Copyright 1999-2005 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild,v 1.1 2005/08/31 22:24:46 vapier Exp $ + +inherit eutils games + +DESCRIPTION="OpenTTD is a clone of Transport Tycoon Deluxe" +HOMEPAGE="http://www.openttd.com/" +SRC_URI="mirror://sourceforge/openttd/${P}-source.tar.gz" + +LICENSE="GPL-2" +SLOT="0" +KEYWORDS="amd64 ppc x86" +IUSE="debug png zlib timidity alsa dedicated" + +DEPEND="media-libs/libsdl + png? ( media-libs/libpng ) + zlib? ( sys-libs/zlib )" +RDEPEND="${DEPEND} + !dedicated? ( + timidity? ( media-sound/timidity++ ) + !timidity? ( alsa? ( media-sound/alsa-utils ) ) + )" + +src_unpack() { + unpack ${A} + cd "${S}" + epatch "${FILESDIR}"/${P}-buffer-checks.patch +} + +src_compile() { + local myopts="" + use debug && myopts="${myopts} DEBUG=1" + use dedicated && myopts="${myopts} DEDICATED=1" + use png && myopts="${myopts} WITH_PNG=1" + use zlib && myopts="${myopts} WITH_ZLIB=1" + if ! use dedicated; then + myopts="${myopts} WITH_SDL=1" + if ! use timidity; then + use alsa && myopts="${myopts} MIDI=/usr/bin/aplaymidi" + fi + fi + + emake -j1 \ + MANUAL_CONFIG=1 \ + UNIX=1 \ + WITH_NETWORK=1 \ + INSTALL=1 \ + RELEASE=${PV} \ + USE_HOMEDIR=1 \ + PERSONAL_DIR=.openttd \ + PREFIX=/usr \ + DATA_DIR=share/games/${PN} \ + ${myopts} \ + || die "emake failed" +} + +src_install() { + dogamesbin openttd || die "dogamesbin failed" + + insinto "${GAMES_DATADIR}/${PN}/data" + doins data/* || die "doins failed (data)" + + insinto "${GAMES_DATADIR}/${PN}/lang" + doins lang/*.lng || die "doins failed (lang)" + + insinto "${GAMES_DATADIR}/${PN}/scenario" + doins scenario/* || die "doins failed (scenario)" + + insinto "${GAMES_DATADIR}/${PN}/scripts" + doins scripts/*.example || die "doins failed (scripts)" + + doicon media/openttd.*.png + + if ! use dedicated; then + if use timidity || use alsa; then + make_desktop_entry "openttd -m extmidi" "OpenTTD" openttd.64.png + else + make_desktop_entry openttd "OpenTTD" openttd.64.png + fi + else + newinitd "${FILESDIR}"/openttd.initd openttd + fi + + dodoc readme.txt changelog.txt docs/Manual.txt docs/console.txt \ + docs/multiplayer.txt + newdoc scripts/readme.txt readme_scripts.txt + doman docs/openttd.6 + prepgamesdirs +} + +pkg_postinst() { + games_pkg_postinst + + echo + einfo "In order to play, you must copy the following 6 files from " + einfo "a version of TTD to ${GAMES_DATADIR}/${PN}/data/." + echo + einfo "From the WINDOWS version you need: " + einfo " sample.cat trg1r.grf trgcr.grf trghr.grf trgir.grf trgtr.grf" + einfo "OR from the DOS version you need: " + einfo " SAMPLE.CAT TRG1.GRF TRGC.GRF TRGH.GRF TRGI.GRF TRGT.GRF" + echo + einfo "Scenarios are installed to ${GAMES_DATADIR}/${PN}/scenario," + einfo "you will have to symlink them to ~/.openttd/scenario in order" + einfo "to use them." + einfo "Example:" + einfo " mkdir -p ~/.openttd/scenario" + einfo " ln -s ${GAMES_DATADIR}/${PN}/scenario/* ~/.openttd/scenario/" + echo + einfo "File names are case sensitive so make sure they are " + einfo "correct for whichever version you have." + echo + + if use dedicated; then + einfo "You have chosen the dedicated USE flag which builds a " + einfo "version of OpenTTD to be used as a game server which " + einfo "does not require SDL. You will not be able to play the " + einfo "game, but if you don't pass this flag you can still use " + einfo "it as a server in the same way, but SDL will be required." + echo + ewarn "Warning: The init script will kill all running openttd" + ewarn "processes when run, including any running client sessions!" + echo + else + if use timidity || use alsa; then + einfo "If you want music, you must copy the gm/ directory" + einfo "to ${GAMES_DATADIR}/${PN}/" + einfo "You can enable MIDI by running:" + einfo " openttd -m extmidi" + echo + if use timidity; then + einfo "You also need soundfonts for timidity, if you don't" + einfo "know what that is, do:" + echo + einfo "emerge media-sound/timidity-eawpatches" + else + einfo "You have emerged with 'aplaymidi' for playing MIDI." + einfo "You have to set the environment variable ALSA_OUTPUT_PORTS." + einfo "Available ports can be listed by using 'aplaymidi -l'." + fi + else + einfo "timidity and/or alsa not in USE so music will not be played during the game." + fi + echo + fi +} |