aboutsummaryrefslogtreecommitdiffstats
path: root/main/logrotate/logrotate-3.7.9-statefile.patch
diff options
context:
space:
mode:
authorNatanael Copa <ncopa@alpinelinux.org>2011-04-05 06:22:21 +0000
committerNatanael Copa <ncopa@alpinelinux.org>2011-04-05 06:24:42 +0000
commite30653b7a5011b09138e547bd80561ccba16f0c4 (patch)
treed5d4be0a5527e4024d7b3a65d6147c28ce850993 /main/logrotate/logrotate-3.7.9-statefile.patch
parentda893fac83b4b4ca362dad2dd6da74022ebc6cfc (diff)
downloadaports-e30653b7a5011b09138e547bd80561ccba16f0c4.tar.bz2
aports-e30653b7a5011b09138e547bd80561ccba16f0c4.tar.xz
main/logrotate: security fixes
Diffstat (limited to 'main/logrotate/logrotate-3.7.9-statefile.patch')
-rw-r--r--main/logrotate/logrotate-3.7.9-statefile.patch96
1 files changed, 96 insertions, 0 deletions
diff --git a/main/logrotate/logrotate-3.7.9-statefile.patch b/main/logrotate/logrotate-3.7.9-statefile.patch
new file mode 100644
index 0000000000..daa02402fa
--- /dev/null
+++ b/main/logrotate/logrotate-3.7.9-statefile.patch
@@ -0,0 +1,96 @@
+Index: logrotate.c
+===================================================================
+--- logrotate.c (revision 314)
++++ logrotate.c (working copy)
+@@ -45,6 +45,12 @@
+ #define GLOB_ABORTED GLOB_ABEND
+ #endif
+
++#ifdef PATH_MAX
++#define STATEFILE_BUFFER_SIZE 2 * PATH_MAX + 16
++#else
++#define STATEFILE_BUFFER_SIZE 4096
++#endif
++
+ struct logState {
+ char *fn;
+ struct tm lastRotated; /* only tm.mon, tm_mday, tm_year are good! */
+@@ -82,6 +88,34 @@
+ return 1;
+ }
+
++static void unescape(char *arg)
++{
++ char *p = arg;
++ char *next;
++ char escaped;
++ while ((next = strchr(p, '\\')) != NULL) {
++
++ p = next;
++
++ switch (p[1]) {
++ case 'n':
++ escaped = '\n';
++ break;
++ case '\\':
++ escaped = '\\';
++ break;
++ default:
++ ++p;
++ continue;
++ }
++
++ /* Overwrite the backslash with the intended character,
++ * and shift everything down one */
++ *p++ = escaped;
++ memmove(p, p+1, 1 + strlen(p+1));
++ }
++}
++
+ #define HASH_SIZE_MIN 64
+ static int allocateHash(void)
+ {
+@@ -1546,7 +1580,13 @@
+ for (chptr = p->fn; *chptr; chptr++) {
+ switch (*chptr) {
+ case '"':
++ case '\\':
+ fputc('\\', f);
++ break;
++ case '\n':
++ fputc('\\', f);
++ fputc('n', f);
++ continue;
+ }
+
+ fputc(*chptr, f);
+@@ -1567,7 +1607,8 @@
+ static int readState(char *stateFilename)
+ {
+ FILE *f;
+- char buf[1024];
++ char buf[STATEFILE_BUFFER_SIZE];
++ char *filename;
+ const char **argv;
+ int argc;
+ int year, month, day;
+@@ -1678,7 +1719,10 @@
+
+ year -= 1900, month -= 1;
+
+- if ((st = findState(argv[0])) == NULL)
++ filename = strdup(argv[0]);
++ unescape(filename);
++
++ if ((st = findState(filename)) == NULL)
+ return 1;
+
+ st->lastRotated.tm_mon = month;
+@@ -1690,6 +1734,7 @@
+ st->lastRotated = *localtime(&lr_time);
+
+ free(argv);
++ free(filename);
+ }
+
+ fclose(f);