author | Alex Legler <a3li@gentoo.org> | 2010-08-30 10:52:08 +0000 |
---|---|---|
committer | Alex Legler <a3li@gentoo.org> | 2010-08-30 10:52:08 +0000 |
commit | 2ac7e95c72d08b4b67b49d3bb8008935f1d6e4e8 (patch) | |
tree | c9ddb5d669dad95ebe0b1a249699fc9e7cd10c61 /net-p2p/ctorrent | |
parent | Bring gnome-mount dependency back (diff) | |
Non-maintainer commit: Revision bump to fix CVE-2009-1759, bug 266953.
Package-Manager: portage-2.2_rc67/cvs/Linux x86_64
Diffstat (limited to 'net-p2p/ctorrent')
-rw-r--r-- | net-p2p/ctorrent/ChangeLog | 10 | ||||
-rw-r--r-- | net-p2p/ctorrent/Manifest | 14 | ||||
-rw-r--r-- | net-p2p/ctorrent/ctorrent-3.3.2-r1.ebuild | 32 | ||||
-rw-r--r-- | net-p2p/ctorrent/files/ctorrent-CVE-2009-1759.patch | 364 |
4 files changed, 412 insertions, 8 deletions
diff --git a/net-p2p/ctorrent/ChangeLog b/net-p2p/ctorrent/ChangeLog index f20756dc3f06..83a0cdefb1bf 100644 --- a/net-p2p/ctorrent/ChangeLog +++ b/net-p2p/ctorrent/ChangeLog @@ -1,6 +1,12 @@ # ChangeLog for net-p2p/ctorrent -# Copyright 1999-2008 Gentoo Foundation; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-p2p/ctorrent/ChangeLog,v 1.45 2008/11/04 11:04:01 vapier Exp $ +# Copyright 1999-2010 Gentoo Foundation; Distributed under the GPL v2 +# $Header: /var/cvsroot/gentoo-x86/net-p2p/ctorrent/ChangeLog,v 1.46 2010/08/30 10:52:08 a3li Exp $ + +*ctorrent-3.3.2-r1 (30 Aug 2010) + + 30 Aug 2010; Alex Legler <a3li@gentoo.org> +ctorrent-3.3.2-r1.ebuild, + +files/ctorrent-CVE-2009-1759.patch: + Non-maintainer commit: Revision bump to fix CVE-2009-1759, bug 266953. 04 Nov 2008; Mike Frysinger <vapier@gentoo.org> ctorrent-3.3.2.ebuild: Add arm/s390/sh love. diff --git a/net-p2p/ctorrent/Manifest b/net-p2p/ctorrent/Manifest index dc546694a9d2..69e535324afd 100644 --- a/net-p2p/ctorrent/Manifest +++ b/net-p2p/ctorrent/Manifest 
@@ -1,14 +1,16 @@ -----BEGIN PGP SIGNED MESSAGE----- -Hash: SHA1 +Hash: SHA256 +AUX ctorrent-CVE-2009-1759.patch 10931 RMD160 6475b7ac0ed33a355bed33f1ead0a2014c3f3174 SHA1 e984eb0f637a7775910f9852ac938d5b1ac5c93c SHA256 4d2735ca6bf8704097eae5ee79936d2be6a55074bce86bf74b79dd428a405293 DIST ctorrent-dnh3.3.2.tar.gz 219053 RMD160 5db2613109fc7e55e7ccdf0d2da12e352c99b385 SHA1 d4e221f0292268f80e2430ce9d451dd64cf1ffaa SHA256 c87366c91475931f75b924119580abd06a7b3cb3f00fef47346552cab1e24863 +EBUILD ctorrent-3.3.2-r1.ebuild 826 RMD160 3f1ae344d2623aa5b95cf52365ec56a0b217cff1 SHA1 79efd2f1a56e5f58cf7d5d7d83131d5ce2fa59d1 SHA256 aa00682b0d7de4cbdfebd98c413daddf3c96771f7cb0f264d7c426ae0499e573 EBUILD ctorrent-3.3.2.ebuild 721 RMD160 292c38db9abe02086a404360f3fb48709f70eda9 SHA1 c3c0a9d5319dc433b69187ab00829605a0037181 SHA256 3617a2a356d736e7aff72bdd124e6e770bf65c8ee91fe009ae18719478d0dc5a -MISC ChangeLog 6057 RMD160 691bc21f67a15be0df4aa6455b36a77ad9e1f4fa SHA1 70a0576cf997170d318aa0402468b80fa1c41d00 SHA256 810343c6dd1e64f6649a7521d9ae30efb502c5f1455219d926e9baf3d2f4ba64 +MISC ChangeLog 6274 RMD160 7a3c51266c6f5f59e16f5c5bfe008181d51d6902 SHA1 c221fbf9673168cd16d7ebf2503b05d1a38eaa2e SHA256 7414ecf98ee7c21a6e033c1ddd63c16b90eb0ef64d7f08757bcba781d3af1943 MISC metadata.xml 160 RMD160 828887200387b28c37fc97111fc6bc3a0a2fcccd SHA1 813ef5bc57f6a8d95e7cab7a745a2a824858f49c SHA256 fe06593409e7f28665c032001005e94cb650299711a0af7f1a558bdb56c4004f -----BEGIN PGP SIGNATURE----- -Version: GnuPG v2.0.9 (GNU/Linux) +Version: GnuPG v2.0.16 (GNU/Linux) -iEYEARECAAYFAkkemuwACgkQ67wieSYcaxdPogCgxdK+ADKPoG0OdO8F5tK1k1f1 -/dAAoJpCvHVMKDXwGr8FJddNebti6MTy -=VpBX +iF4EAREIAAYFAkx7jV4ACgkQ3Ca6Xy8+rvQ2/gD/SESIWMeHfFTQEx9c5ZpjNM/G +hIQH4st2gFsBuYSfZN4A/3W4/k0/TKwPVkQm/Y6dQD2Kv9rPhGJMOxT9iDLTsOdQ +=7zH0 -----END PGP SIGNATURE----- diff --git a/net-p2p/ctorrent/ctorrent-3.3.2-r1.ebuild b/net-p2p/ctorrent/ctorrent-3.3.2-r1.ebuild new file mode 100644 index 000000000000..1bf99b74c9c7 --- /dev/null 
+++ b/net-p2p/ctorrent/ctorrent-3.3.2-r1.ebuild
@@ -0,0 +1,32 @@
+# Copyright 1999-2010 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-p2p/ctorrent/ctorrent-3.3.2-r1.ebuild,v 1.1 2010/08/30 10:52:08 a3li Exp $
+
+inherit eutils
+
+MY_P="${PN}-dnh${PV}"
+
+DESCRIPTION="Enhanced CTorrent is a BitTorrent console client written in C and C++."
+HOMEPAGE="http://www.rahul.net/dholmes/ctorrent/"
+SRC_URI="mirror://sourceforge/dtorrent/${MY_P}.tar.gz"
+
+SLOT="0"
+LICENSE="GPL-2"
+KEYWORDS="~amd64 ~arm ~ppc ~s390 ~sh ~sparc ~x86 ~x86-fbsd"
+IUSE=""
+
+S="${WORKDIR}/${MY_P}"
+
+DEPEND="dev-libs/openssl"
+
+src_unpack() {
+ unpack ${A}
+ cd "${S}"
+
+ epatch "${FILESDIR}/${PN}-CVE-2009-1759.patch" || die
+}
+
+src_install() {
+ emake DESTDIR="${D}" install || die "emake install failed."
+ dodoc AUTHORS ChangeLog README-DNH.TXT README NEWS
+}
diff --git a/net-p2p/ctorrent/files/ctorrent-CVE-2009-1759.patch b/net-p2p/ctorrent/files/ctorrent-CVE-2009-1759.patch
new file mode 100644
index 000000000000..196703099f60
--- /dev/null
+++ b/net-p2p/ctorrent/files/ctorrent-CVE-2009-1759.patch
@@ -0,0 +1,364 @@
+Patch for CVE-2009-1759.
+Source: Upstream SVN, rev 302 from the drorrent-3 branch.
+
+Index: bencode.h
+===================================================================
+--- bencode.h (revision 300)
++++ bencode.h (revision 302)
+@@ -25,7 +25,7 @@
+ size_t decode_list(const char *b,size_t len,const char *keylist);
+ size_t decode_rev(const char *b,size_t len,const char *keylist);
+ size_t decode_query(const char *b,size_t len,const char *keylist,const char **ps,size_t *pi,int64_t *pl,int method);
+-size_t decode_list2path(const char *b, size_t n, char *pathname);
++size_t decode_list2path(const char *b, size_t n, char *pathname, size_t maxlen);
+ size_t bencode_buf(const char *str,size_t len,FILE *fp);
+ size_t bencode_str(const char *str, FILE *fp);
+ size_t bencode_int(const uint64_t integer, FILE *fp);
+Index: bencode.cpp
+===================================================================
+--- bencode.cpp (revision 300)
++++ bencode.cpp (revision 302)
+@@ -233,22 +233,28 @@
+ return bencode_end_dict_list(fp);
+ }
+
+-size_t decode_list2path(const char *b, size_t n, char *pathname)
++size_t decode_list2path(const char *b, size_t n, char *pathname, size_t maxlen)
+ {
+ const char *pb = b;
+ const char *s = (char *) 0;
++ const char *endmax = pathname + maxlen - 1;
+ size_t r,q;
+
+ if( 'l' != *pb ) return 0;
+ pb++;
+ n--;
+ if( !n ) return 0;
+- for(; n;){
++ while( n && pathname < endmax ){
+ if(!(r = buf_str(pb, n, &s, &q)) ) return 0;
++ if( q >= maxlen ) return 0;
+ memcpy(pathname, s, q);
+ pathname += q;
+- pb += r; n -= r;
+- if( 'e' != *pb ){*pathname = PATH_SP, pathname++;} else break;
++ maxlen -= q;
++ pb += r;
++ n -= r;
++ if( 'e' == *pb ) break;
++ if( pathname >= endmax ) return 0;
++ *pathname++ = PATH_SP;
+ }
+ *pathname = '\0';
+ return (pb - b + 1);
+Index: btfiles.cpp
+===================================================================
+--- btfiles.cpp (revision 300)
++++ btfiles.cpp (revision 302)
+@@ -449,7 +449,8 @@
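Review bot: The new length check in decode_list2path, `if( q >= maxlen ) return 0;`, tests against a counter that is reduced by each component's length (`maxlen -= q;`) but not by the separator byte written by `*pathname++ = PATH_SP;`, so after several components `maxlen` overstates the room left before `endmax` and the `memcpy` can still write past the caller's buffer. Measuring against the real end removes the drift: `if( q > (size_t)(endmax - pathname) ) return 0;`. Separately, `'e' == *pb` is evaluated right after `n -= r` without confirming that `n` is still non-zero; unless the input is guaranteed to carry a trailing byte, an `if( !n ) return 0;` before that test keeps the read inside `b`. The function's closing brace lies just past the end of this hunk.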
+ return 0;
+ }
+
+-int btFiles::BuildFromMI(const char *metabuf, const size_t metabuf_len, const char *saveas)
++int btFiles::BuildFromMI(const char *metabuf, const size_t metabuf_len,
++ const char *saveas, unsigned char exam_only)
+ {
+ char path[MAXPATHLEN];
+ const char *s, *p;
+@@ -458,11 +459,19 @@
+ int f_warned = 0;
+
+ if( !decode_query(metabuf, metabuf_len, "info|name", &s, &q, (int64_t*)0,
+- QUERY_STR) || MAXPATHLEN <= q )
++ QUERY_STR) || MAXPATHLEN <= q ){
++ errno = EINVAL;
+ return -1;
++ }
+
+ memcpy(path, s, q);
+ path[q] = '\0';
++ if( !exam_only &&
++ (PATH_SP == path[0] || '/' == path[0] || 0==strncmp("..", path, 2)) ){
++ CONSOLE.Warning(1, "error, unsafe path \"%s\" in torrent data", path);
++ errno = EINVAL;
++ return -1;
++ }
+
+ r = decode_query(metabuf, metabuf_len, "info|files", (const char**)0, &q,
+ (int64_t*)0, QUERY_POS);
+@@ -471,21 +480,31 @@
+ BTFILE *pbf_last = (BTFILE*) 0;
+ BTFILE *pbf = (BTFILE*) 0;
+ size_t dl;
++ unsigned long nfiles = 0;
++
+ if( decode_query(metabuf,metabuf_len,"info|length",
+- (const char**) 0,(size_t*) 0,(int64_t*) 0,QUERY_LONG) )
++ (const char**) 0,(size_t*) 0,(int64_t*) 0,QUERY_LONG) ){
++ errno = EINVAL;
+ return -1;
++ }
+
+ if( saveas ){
+ m_directory = new char[strlen(saveas) + 1];
+ #ifndef WINDOWS
+- if(!m_directory) return -1;
++ if( !m_directory ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ strcpy(m_directory,saveas);
+ }else{
+ int f_conv;
+ char *tmpfn = new char[strlen(path)*2+5];
+ #ifndef WINDOWS
+- if( !tmpfn ) return -1;
++ if( !tmpfn ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ if( f_conv = ConvertFilename(tmpfn, path, strlen(path)*2+5) ){
+ if( arg_flg_convert_filenames ){
+@@ -493,6 +512,7 @@
+ #ifndef WINDOWS
+ if( !m_directory ){
+ delete []tmpfn;
++ errno = ENOMEM;
+ return -1;
+ }
+ #endif
+@@ -507,7 +527,10 @@
+ if( !f_conv || !arg_flg_convert_filenames ){
+ m_directory = new char[strlen(path) + 1];
+ #ifndef WINDOWS
+- if( !m_directory ) return -1;
++ if( 
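Review bot: The unsafe-path test added after `path[q] = '\0';` inspects only the beginning of the name (`path[0]` and `strncmp("..", path, 2)`), so a `..` component or an embedded separator further into the string is not rejected. The same prefix-only test is repeated for the per-file path in the `@@ -517,24 +540,50 @@` hunk, where decode_list2path has already joined several components taken from the torrent data. Validating each component as it is decoded (refuse empty, `.`, `..`, and anything containing `PATH_SP` or `/`) would cover both places, and would also stop the prefix test from refusing legitimate names that merely begin with two dots. BuildFromMI begins and ends outside this hunk, so how `path` is later joined with the save directory is not visible here.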
!m_directory ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ strcpy(m_directory,path);
+ }
+@@ -517,24 +540,50 @@
+ p = metabuf + r + 1;
+ q--;
+ for(; q && 'e' != *p; p += dl, q -= dl){
+- if(!(dl = decode_dict(p, q, (const char*) 0)) ) return -1;
+- if( !decode_query(p, dl, "length", (const char**) 0,
+- (size_t*) 0,&t,QUERY_LONG) ) return -1;
++ if( !(dl = decode_dict(p, q, (const char*) 0)) ||
++ !decode_query(p, dl, "length", (const char**) 0, (size_t*) 0, &t,
++ QUERY_LONG) ){
++ errno = EINVAL;
++ return -1;
++ }
+ pbf = _new_bfnode();
+ #ifndef WINDOWS
+- if( !pbf ) return -1;
++ if( !pbf ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
++ nfiles++;
+ pbf->bf_length = t;
+ m_total_files_length += t;
+ r = decode_query(p, dl, "path", (const char **)0, &n, (int64_t*)0,
+ QUERY_POS);
+- if( !r ) return -1;
+- if(!decode_list2path(p + r, n, path)) return -1;
++ if( !r || !decode_list2path(p + r, n, path, sizeof(path)) ){
++ CONSOLE.Warning(1,
++ "error, invalid path in torrent data for file %lu at offset %llu",
++ nfiles, m_total_files_length - t);
++ delete pbf;
++ errno = EINVAL;
++ return -1;
++ }
++ if( !exam_only &&
++ (PATH_SP == path[0] || '/' == path[0] || 0==strncmp("..", path, 2)) ){
++ CONSOLE.Warning(1,
++ "error, unsafe path \"%s\" in torrent data for file %lu",
++ path, nfiles);
++ delete pbf;
++ errno = EINVAL;
++ return -1;
++ }
+
++
+ int f_conv;
+ char *tmpfn = new char[strlen(path)*2+5];
+ #ifndef WINDOWS
+- if( !tmpfn ) return -1;
++ if( !tmpfn ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ if( f_conv = ConvertFilename(tmpfn, path, strlen(path)*2+5) ){
+ if( arg_flg_convert_filenames ){
+@@ -542,6 +591,7 @@
+ #ifndef WINDOWS
+ if( !pbf->bf_filename ){
+ delete []tmpfn;
++ errno = ENOMEM;
+ return -1;
+ }
+ #endif
+@@ -556,7 +606,10 @@
+ if( !f_conv || !arg_flg_convert_filenames ){
+ pbf->bf_filename = new char[strlen(path) + 1];
+ #ifndef WINDOWS
+- if( !pbf->bf_filename ) return -1;
++ if( !pbf->bf_filename ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ strcpy(pbf->bf_filename, path);
+ }
+@@ -564,30 +617,42 @@
+ pbf_last = pbf;
+ }
+ }else{
+- if( !decode_query(metabuf,metabuf_len,"info|length",
+- (const char**) 0,(size_t*) 0,&t,QUERY_LONG) )
++ if( !decode_query(metabuf,metabuf_len, "info|length",
++ (const char**)0, (size_t*) 0, &t, QUERY_LONG) ){
++ errno = EINVAL;
+ return -1;
++ }
+ m_btfhead = _new_bfnode();
+ #ifndef WINDOWS
+- if( !m_btfhead) return -1;
++ if( !m_btfhead ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ m_btfhead->bf_length = m_total_files_length = t;
+ if( saveas ){
+ m_btfhead->bf_filename = new char[strlen(saveas) + 1];
+ #ifndef WINDOWS
+- if(!m_btfhead->bf_filename ) return -1;
++ if( !m_btfhead->bf_filename ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ strcpy(m_btfhead->bf_filename, saveas);
+ }else if( arg_flg_convert_filenames ){
+ char *tmpfn = new char[strlen(path)*2+5];
+ #ifndef WINDOWS
+- if( !tmpfn ) return -1;
++ if( !tmpfn ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ ConvertFilename(tmpfn, path, strlen(path)*2+5);
+ m_btfhead->bf_filename = new char[strlen(tmpfn) + 1];
+ #ifndef WINDOWS
+ if( !m_btfhead->bf_filename ){
+ delete []tmpfn;
++ errno = ENOMEM;
+ return -1;
+ }
+ #endif
+@@ -596,7 +661,10 @@
+ }else{
+ m_btfhead->bf_filename = new char[strlen(path) + 1];
+ #ifndef WINDOWS
+- if(!m_btfhead->bf_filename ) return -1;
++ if( !m_btfhead->bf_filename ){
++ errno = ENOMEM;
++ return -1;
++ }
+ #endif
+ strcpy(m_btfhead->bf_filename, path);
+ }
+@@ -694,6 +762,32 @@
+ size_t btFiles::FillMetaInfo(FILE* fp)
+ {
+ BTFILE *p;
++ const char *refname, *s;
++ char path[MAXPATHLEN];
++
++ refname = m_directory ? m_directory : m_btfhead->bf_filename;
++ while( (s = strchr(refname, PATH_SP)) && *(s + 1) ){
++ refname = s + 1;
++ }
++ if( m_directory && '.' 
== *refname ){
++ char dir[MAXPATHLEN];
++ if( getcwd(dir, sizeof(dir)) && 0==chdir(m_directory) ){
++ if( getcwd(path, sizeof(path)) ){
++ refname = path;
++ while( (s = strchr(refname, PATH_SP)) && *(s + 1) ){
++ refname = s + 1;
++ }
++ }
++ chdir(dir);
++ }
++ }
++ if( '/' == *refname || '\0' == *refname || '.' == *refname ){
++ CONSOLE.Warning(1, "error, inappropriate file or directory name \"%s\"",
++ m_directory ? m_directory : m_btfhead->bf_filename);
++ errno = EINVAL;
++ return 0;
++ }
++
+ if( m_directory ){
+ // multi files
+ if( bencode_str("files", fp) != 1 ) return 0;
+@@ -715,16 +809,15 @@
+ if(bencode_end_dict_list(fp) != 1 ) return 0;
+
+ if(bencode_str("name", fp) != 1) return 0;
+- return bencode_str(m_directory, fp);
+-
++ return bencode_str(refname, fp);
+ }else{
+ if( bencode_str("length", fp) != 1 ) return 0;
+ if( bencode_int(m_btfhead->bf_length, fp) != 1) return 0;
+
+ if( bencode_str("name", fp) != 1 ) return 0;
+- return bencode_str(m_btfhead->bf_filename, fp);
++ return bencode_str(refname, fp);
+ }
+- return 1;
++ return 0;
+ }
+
+
+Index: btcontent.cpp
+===================================================================
+--- btcontent.cpp (revision 300)
++++ btcontent.cpp (revision 302)
+@@ -357,7 +357,11 @@
+
+ cfg_req_queue_length = (m_piece_length / cfg_req_slice_size) * 2 - 1;
+
+- if( m_btfiles.BuildFromMI(b, flen, saveas) < 0 ) ERR_RETURN();
++ if( m_btfiles.BuildFromMI(b, flen, saveas, arg_flg_exam_only) < 0 ){
++ if( EINVAL == errno )
++ CONSOLE.Warning(1, "Torrent metainfo file data is invalid or unusable.");
++ ERR_RETURN();
++ }
+
+ delete []b;
+ b = (char *)0;
+Index: btfiles.h
+===================================================================
+--- btfiles.h (revision 300)
++++ btfiles.h (revision 302)
+@@ -61,7 +61,7 @@
+
+ int BuildFromFS(const char *pathname);
+ int BuildFromMI(const char *metabuf, const size_t metabuf_len,
+- const char *saveas);
++ const char *saveas, unsigned char exam_only);
+
+ char 
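Review bot: The `chdir(dir);` that restores the working directory in the block added at the top of FillMetaInfo ignores its return value, so if it fails the process keeps running inside `m_directory` and every later relative path resolves there. The function already returns 0 on failure, so `if( chdir(dir) != 0 ) return 0;` would fit the existing convention. A short comment above the `getcwd`/`chdir` sequence would also help, for example `// m_directory names a dot path: resolve it to find the real last component`, since it is otherwise surprising that a metainfo writer changes the process working directory.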
*GetDataName() const;
+ uint64_t GetTotalLength() const { return m_total_files_length; } |