summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2005-08-31 22:24:46 +0000
committerMike Frysinger <vapier@gentoo.org>2005-08-31 22:24:46 +0000
commitd86ff5a69394c7e41fc191a3402b3d69cf44affe (patch)
tree6982641aeb9ec21d961f2f9c02de38e701278063 /games-simulation
parentfixed version of openttd now in portage (diff)
downloadhistorical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.tar.gz
historical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.tar.bz2
historical-d86ff5a69394c7e41fc191a3402b3d69cf44affe.zip
Version bump with security fix #102631 by Alexey Dobriyan.
Package-Manager: portage-2.0.51.22-r2
Diffstat (limited to 'games-simulation')
-rw-r--r--games-simulation/openttd/ChangeLog8
-rw-r--r--games-simulation/openttd/Manifest21
-rw-r--r--games-simulation/openttd/files/digest-openttd-0.4.0.1-r11
-rw-r--r--games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch200
-rw-r--r--games-simulation/openttd/openttd-0.4.0.1-r1.ebuild147
5 files changed, 369 insertions, 8 deletions
diff --git a/games-simulation/openttd/ChangeLog b/games-simulation/openttd/ChangeLog
index 7921e266f668..f18b8dee4f7e 100644
--- a/games-simulation/openttd/ChangeLog
+++ b/games-simulation/openttd/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for games-simulation/openttd
# Copyright 1999-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.15 2005/08/22 20:27:05 hansmi Exp $
+# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/ChangeLog,v 1.16 2005/08/31 22:24:46 vapier Exp $
+
+*openttd-0.4.0.1-r1 (31 Aug 2005)
+
+ 31 Aug 2005; Mike Frysinger <vapier@gentoo.org>
+ +files/openttd-0.4.0.1-buffer-checks.patch, +openttd-0.4.0.1-r1.ebuild:
+ Version bump with security fix #102631 by Alexey Dobriyan.
22 Aug 2005; Michael Hanselmann <hansmi@gentoo.org>
openttd-0.4.0.1.ebuild:
diff --git a/games-simulation/openttd/Manifest b/games-simulation/openttd/Manifest
index 3f71a93b65ee..4fea27d15c2a 100644
--- a/games-simulation/openttd/Manifest
+++ b/games-simulation/openttd/Manifest
@@ -1,9 +1,16 @@
-MD5 722fc70915d614092fed4f3f2a17db2b openttd-0.4.0.1.ebuild 4232
-MD5 0545a9ceee2db438f49045bfdb8098ce openttd-0.4.0.ebuild 4229
+-----BEGIN PGP SIGNED MESSAGE-----
+Hash: SHA1
+
MD5 7efefbbe81a05cbc5d4e96203f047fda metadata.xml 245
-MD5 d60e38ed26fea31f2f822235ec4e404b ChangeLog 2705
-MD5 b4920ba6225a18cedcb6887038f11a7d openttd-0.3.6-r1.ebuild 4180
-MD5 ebb13a7591c4ec12f1bb5e25fb8aff18 files/digest-openttd-0.4.0 70
+MD5 44e37a7863de4415a5b4506e41cac6cc openttd-0.4.0.1-r1.ebuild 4349
+MD5 f30148c9a866518fbe2a3ff864bf52eb ChangeLog 2926
+MD5 58b6f8b5a58925f558524fcb4c2711fc files/digest-openttd-0.4.0.1-r1 75
+MD5 43ec527a9d656d58d852c2a828458840 files/openttd-0.4.0.1-buffer-checks.patch 6632
MD5 a169eb5c8572ee01be52c4accf2608a2 files/openttd.initd 529
-MD5 58b6f8b5a58925f558524fcb4c2711fc files/digest-openttd-0.4.0.1 75
-MD5 706c1f4a051e6472683d79b75f3def11 files/digest-openttd-0.3.6-r1 73
+-----BEGIN PGP SIGNATURE-----
+Version: GnuPG v1.4.2 (GNU/Linux)
+
+iD8DBQFDFi5GgIKl8Uu19MoRAoucAJ4iMs3Pvt6AbH3Skp5gnb8NQBnXbQCfWpef
+zmYPIP4odss96btzEoFe67U=
+=O99E
+-----END PGP SIGNATURE-----
diff --git a/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1 b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1
new file mode 100644
index 000000000000..1272ae79fcdd
--- /dev/null
+++ b/games-simulation/openttd/files/digest-openttd-0.4.0.1-r1
@@ -0,0 +1 @@
+MD5 ddd9790c86b7ccc68f60761704cbcf81 openttd-0.4.0.1-source.tar.gz 2950778
diff --git a/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch
new file mode 100644
index 000000000000..ffebb6c05603
--- /dev/null
+++ b/games-simulation/openttd/files/openttd-0.4.0.1-buffer-checks.patch
@@ -0,0 +1,200 @@
+Fix remote buffer overflows and format string attacks.
+
+Patch by Alexey Dobriyan, diffs taken from upstream svn.
+
+http://svn.openttd.org/cgi-bin/viewcvs.cgi?rev=2899&view=rev
+http://bugs.gentoo.org/show_bug.cgi?id=102631
+
+Log Message:
+Fix: Several format string vulnerabilities and buffer overflows in the network code
+
+--- /trunk/console_cmds.c 2005/08/28 10:59:34 2898
++++ trunk/console_cmds.c 2005/08/28 12:24:57 2899
+@@ -1132,7 +1132,7 @@
+ SEND_COMMAND(PACKET_CLIENT_SET_NAME)(_network_player_name);
+ } else {
+ if (NetworkFindName(_network_player_name)) {
+- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, _network_player_name);
++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", _network_player_name);
+ ttd_strlcpy(ci->client_name, _network_player_name, sizeof(ci->client_name));
+ NetworkUpdateClientInfo(NETWORK_SERVER_INDEX);
+ }
+--- /trunk/network.c 2005/08/28 10:59:34 2898
++++ trunk/network.c 2005/08/28 12:24:57 2899
+@@ -100,7 +100,7 @@
+ char temp[1024];
+
+ va_start(va, str);
+- vsprintf(buf, str, va);
++ vsnprintf(buf, lengthof(buf), str, va);
+ va_end(va);
+
+ switch (action) {
+@@ -499,7 +499,7 @@
+
+ GetString(str, STR_NETWORK_ERR_CLIENT_GENERAL + errorno);
+
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str);
+
+ // Inform other clients of this... strange leaving ;)
+ FOR_ALL_CLIENTS(new_cs) {
+--- /trunk/network_client.c 2005/08/28 10:59:34 2898
++++ trunk/network_client.c 2005/08/28 12:24:57 2899
+@@ -349,7 +349,7 @@
+ if (ci != NULL) {
+ if (playas == ci->client_playas && strcmp(name, ci->client_name) != 0) {
+ // Client name changed, display the change
+- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, name);
++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", name);
+ } else if (playas != ci->client_playas) {
+ // The player changed from client-player..
+ // Do not display that for now
+@@ -666,7 +666,7 @@
+
+ ci = NetworkFindClientInfoFromIndex(index);
+ if (ci != NULL) {
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str);
+
+ // The client is gone, give the NetworkClientInfo free
+ ci->client_index = NETWORK_EMPTY_INDEX;
+@@ -684,11 +684,11 @@
+ NetworkClientInfo *ci;
+
+ index = NetworkRecv_uint16(MY_CLIENT, p);
+- NetworkRecv_string(MY_CLIENT, p, str, 100);
++ NetworkRecv_string(MY_CLIENT, p, str, lengthof(str));
+
+ ci = NetworkFindClientInfoFromIndex(index);
+ if (ci != NULL) {
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, ci->client_name, "%s", str);
+
+ // The client is gone, give the NetworkClientInfo free
+ ci->client_index = NETWORK_EMPTY_INDEX;
+--- /trunk/network_server.c 2005/08/28 10:59:34 2898
++++ trunk/network_server.c 2005/08/28 12:24:57 2899
+@@ -162,7 +162,7 @@
+
+ DEBUG(net, 2)("[NET] %s made an error (%s) and his connection is closed", client_name, str);
+
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str);
+
+ FOR_ALL_CLIENTS(new_cs) {
+ if (new_cs->status > STATUS_AUTH && new_cs != cs) {
+@@ -904,7 +904,7 @@
+
+ DEBUG(net, 2)("[NET] %s reported an error and is closing his connection (%s)", client_name, str);
+
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str);
+
+ FOR_ALL_CLIENTS(new_cs) {
+ if (new_cs->status > STATUS_AUTH) {
+@@ -929,11 +929,11 @@
+ return;
+ }
+
+- NetworkRecv_string(cs, p, str, 100);
++ NetworkRecv_string(cs, p, str, lengthof(str));
+
+ NetworkGetClientName(client_name, sizeof(client_name), cs);
+
+- NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, str);
++ NetworkTextMessage(NETWORK_ACTION_LEAVE, 1, false, client_name, "%s", str);
+
+ FOR_ALL_CLIENTS(new_cs) {
+ if (new_cs->status > STATUS_AUTH) {
+@@ -1108,7 +1108,7 @@
+ if (ci != NULL) {
+ // Display change
+ if (NetworkFindName(client_name)) {
+- NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, client_name);
++ NetworkTextMessage(NETWORK_ACTION_NAME_CHANGE, 1, false, ci->client_name, "%s", client_name);
+ ttd_strlcpy(ci->client_name, client_name, sizeof(ci->client_name));
+ NetworkUpdateClientInfo(ci->client_index);
+ }
+--- /trunk/texteff.c 2005/08/28 10:59:34 2898
++++ trunk/texteff.c 2005/08/28 12:24:57 2899
+@@ -62,7 +62,7 @@
+ int length;
+
+ va_start(va, message);
+- vsprintf(buf, message, va);
++ vsnprintf(buf, lengthof(buf), message, va);
+ va_end(va);
+
+ /* Special color magic */
+--- openttd/os2.c
++++ openttd/os2.c
+@@ -642,7 +642,7 @@ static long CDECL MidiSendCommand(const
+ va_list va;
+ char buf[512];
+ va_start(va, cmd);
+- vsprintf(buf, cmd, va);
++ vsnprintf(buf, sizeof(buf), cmd, va);
+ va_end(va);
+ return mciSendString(buf, NULL, 0, NULL, 0);
+ }
+--- openttd/strgen/strgen.c
++++ openttd/strgen/strgen.c
+@@ -84,7 +84,7 @@ void warning(const char *s, ...) {
+ char buf[1024];
+ va_list va;
+ va_start(va, s);
+- vsprintf(buf, s, va);
++ vsnprintf(buf, sizeof(buf), s, va);
+ va_end(va);
+ fprintf(stderr, "%d: ERROR: %s\n", _cur_line, buf);
+ _warnings = true;
+@@ -94,7 +94,7 @@ void NORETURN error(const char *s, ...)
+ char buf[1024];
+ va_list va;
+ va_start(va, s);
+- vsprintf(buf, s, va);
++ vsnprintf(buf, sizeof(buf), s, va);
+ va_end(va);
+ fprintf(stderr, "%d: FATAL: %s\n", _cur_line, buf);
+ exit(1);
+--- openttd/ttd.c
++++ openttd/ttd.c
+@@ -70,7 +70,7 @@ void CDECL error(const char *s, ...) {
+ va_list va;
+ char buf[512];
+ va_start(va, s);
+- vsprintf(buf, s, va);
++ vsnprintf(buf, sizeof(buf), s, va);
+ va_end(va);
+
+ ShowOSErrorBox(buf);
+@@ -86,7 +86,7 @@ void CDECL ShowInfoF(const char *str, ..
+ va_list va;
+ char buf[1024];
+ va_start(va, str);
+- vsprintf(buf, str, va);
++ vsnprintf(buf, sizeof(buf), str, va);
+ va_end(va);
+ ShowInfo(buf);
+ }
+@@ -99,7 +99,7 @@ char * CDECL str_fmt(const char *str, ..
+ char *p;
+
+ va_start(va, str);
+- len = vsprintf(buf, str, va);
++ len = vsnprintf(buf, sizeof(buf), str, va);
+ va_end(va);
+ p = malloc(len + 1);
+ if (p)
+--- openttd/win32.c
++++ openttd/win32.c
+@@ -841,7 +841,7 @@ static long CDECL MidiSendCommand(const
+ char buf[512];
+
+ va_start(va, cmd);
+- vsprintf(buf, cmd, va);
++ vsnprintf(buf, sizeof(buf), cmd, va);
+ va_end(va);
+ return mciSendStringA(buf, NULL, 0, 0);
+ }
diff --git a/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild
new file mode 100644
index 000000000000..bde077dd018c
--- /dev/null
+++ b/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild
@@ -0,0 +1,147 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/games-simulation/openttd/openttd-0.4.0.1-r1.ebuild,v 1.1 2005/08/31 22:24:46 vapier Exp $
+
+inherit eutils games
+
+DESCRIPTION="OpenTTD is a clone of Transport Tycoon Deluxe"
+HOMEPAGE="http://www.openttd.com/"
+SRC_URI="mirror://sourceforge/openttd/${P}-source.tar.gz"
+
+LICENSE="GPL-2"
+SLOT="0"
+KEYWORDS="amd64 ppc x86"
+IUSE="debug png zlib timidity alsa dedicated"
+
+DEPEND="media-libs/libsdl
+ png? ( media-libs/libpng )
+ zlib? ( sys-libs/zlib )"
+RDEPEND="${DEPEND}
+ !dedicated? (
+ timidity? ( media-sound/timidity++ )
+ !timidity? ( alsa? ( media-sound/alsa-utils ) )
+ )"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+ epatch "${FILESDIR}"/${P}-buffer-checks.patch
+}
+
+src_compile() {
+ local myopts=""
+ use debug && myopts="${myopts} DEBUG=1"
+ use dedicated && myopts="${myopts} DEDICATED=1"
+ use png && myopts="${myopts} WITH_PNG=1"
+ use zlib && myopts="${myopts} WITH_ZLIB=1"
+ if ! use dedicated; then
+ myopts="${myopts} WITH_SDL=1"
+ if ! use timidity; then
+ use alsa && myopts="${myopts} MIDI=/usr/bin/aplaymidi"
+ fi
+ fi
+
+ emake -j1 \
+ MANUAL_CONFIG=1 \
+ UNIX=1 \
+ WITH_NETWORK=1 \
+ INSTALL=1 \
+ RELEASE=${PV} \
+ USE_HOMEDIR=1 \
+ PERSONAL_DIR=.openttd \
+ PREFIX=/usr \
+ DATA_DIR=share/games/${PN} \
+ ${myopts} \
+ || die "emake failed"
+}
+
+src_install() {
+ dogamesbin openttd || die "dogamesbin failed"
+
+ insinto "${GAMES_DATADIR}/${PN}/data"
+ doins data/* || die "doins failed (data)"
+
+ insinto "${GAMES_DATADIR}/${PN}/lang"
+ doins lang/*.lng || die "doins failed (lang)"
+
+ insinto "${GAMES_DATADIR}/${PN}/scenario"
+ doins scenario/* || die "doins failed (scenario)"
+
+ insinto "${GAMES_DATADIR}/${PN}/scripts"
+ doins scripts/*.example || die "doins failed (scripts)"
+
+ doicon media/openttd.*.png
+
+ if ! use dedicated; then
+ if use timidity || use alsa; then
+ make_desktop_entry "openttd -m extmidi" "OpenTTD" openttd.64.png
+ else
+ make_desktop_entry openttd "OpenTTD" openttd.64.png
+ fi
+ else
+ newinitd "${FILESDIR}"/openttd.initd openttd
+ fi
+
+ dodoc readme.txt changelog.txt docs/Manual.txt docs/console.txt \
+ docs/multiplayer.txt
+ newdoc scripts/readme.txt readme_scripts.txt
+ doman docs/openttd.6
+ prepgamesdirs
+}
+
+pkg_postinst() {
+ games_pkg_postinst
+
+ echo
+ einfo "In order to play, you must copy the following 6 files from "
+ einfo "a version of TTD to ${GAMES_DATADIR}/${PN}/data/."
+ echo
+ einfo "From the WINDOWS version you need: "
+ einfo " sample.cat trg1r.grf trgcr.grf trghr.grf trgir.grf trgtr.grf"
+ einfo "OR from the DOS version you need: "
+ einfo " SAMPLE.CAT TRG1.GRF TRGC.GRF TRGH.GRF TRGI.GRF TRGT.GRF"
+ echo
+ einfo "Scenarios are installed to ${GAMES_DATADIR}/${PN}/scenario,"
+ einfo "you will have to symlink them to ~/.openttd/scenario in order"
+ einfo "to use them."
+ einfo "Example:"
+ einfo " mkdir -p ~/.openttd/scenario"
+ einfo " ln -s ${GAMES_DATADIR}/${PN}/scenario/* ~/.openttd/scenario/"
+ echo
+ einfo "File names are case sensitive so make sure they are "
+ einfo "correct for whichever version you have."
+ echo
+
+ if use dedicated; then
+ einfo "You have chosen the dedicated USE flag which builds a "
+ einfo "version of OpenTTD to be used as a game server which "
+ einfo "does not require SDL. You will not be able to play the "
+ einfo "game, but if you don't pass this flag you can still use "
+ einfo "it as a server in the same way, but SDL will be required."
+ echo
+ ewarn "Warning: The init script will kill all running openttd"
+ ewarn "processes when run, including any running client sessions!"
+ echo
+ else
+ if use timidity || use alsa; then
+ einfo "If you want music, you must copy the gm/ directory"
+ einfo "to ${GAMES_DATADIR}/${PN}/"
+ einfo "You can enable MIDI by running:"
+ einfo " openttd -m extmidi"
+ echo
+ if use timidity; then
+ einfo "You also need soundfonts for timidity, if you don't"
+ einfo "know what that is, do:"
+ echo
+ einfo "emerge media-sound/timidity-eawpatches"
+ else
+ einfo "You have emerged with 'aplaymidi' for playing MIDI."
+ einfo "You have to set the environment variable ALSA_OUTPUT_PORTS."
+ einfo "Available ports can be listed by using 'aplaymidi -l'."
+ fi
+ else
+ einfo "timidity and/or alsa not in USE so music will not be played during the game."
+ fi
+ echo
+ fi
+}