From a5e3441a2b9f85c1c7bd9c333ae4f10171ccb3af Mon Sep 17 00:00:00 2001 From: Natanael Copa Date: Tue, 27 Jan 2015 07:52:26 +0000 Subject: main/sipsak: fix segfault due to use of strcasestr without _GNU_SOURCE Also fix off-by-one errors while at it which was found: https://github.com/sipwise/sipsak/commit/bf9d2417a1e73697873a5f5099dac4bb3eb4b2d9 fixes #3750 (cherry picked from commit e4e81d1b04308e8fca49211412d0ae4a47cdfe3b) --- main/sipsak/APKBUILD | 25 ++++++++++--- main/sipsak/fix-off-by-one-bugs.patch | 67 +++++++++++++++++++++++++++++++++++ main/sipsak/musl-fix-strcasestr.patch | 16 +++++++++ 3 files changed, 103 insertions(+), 5 deletions(-) create mode 100644 main/sipsak/fix-off-by-one-bugs.patch create mode 100644 main/sipsak/musl-fix-strcasestr.patch diff --git a/main/sipsak/APKBUILD b/main/sipsak/APKBUILD index 7de7586a6..41dd9c13c 100644 --- a/main/sipsak/APKBUILD +++ b/main/sipsak/APKBUILD @@ -2,7 +2,7 @@ # Maintainer: Leonardo Arena pkgname=sipsak pkgver=0.9.6 -pkgrel=2 +pkgrel=3 pkgdesc="SIP swiss army knife" url="http://sipsak.org/" arch="all" @@ -11,14 +11,23 @@ depends="" makedepends="openssl-dev" install="" subpackages="$pkgname-dbg $pkgname-doc" -source="http://downloads.sourceforge.net/project/sipsak.berlios/${pkgname}-${pkgver}-1.tar.gz" +source="http://downloads.sourceforge.net/project/sipsak.berlios/${pkgname}-${pkgver}-1.tar.gz + musl-fix-strcasestr.patch + fix-off-by-one-bugs.patch + " _builddir="$srcdir"/$pkgname-$pkgver prepare() { cd "$_builddir" update_config_sub || return 1 + for i in $source; do + case $i in + *.patch) msg $i; patch -p1 -i "$srcdir"/$i || return 1;; + esac + done } + build() { cd "$_builddir" ./configure \ @@ -37,6 +46,12 @@ package() { make DESTDIR="$pkgdir" install || return 1 } -md5sums="c4eb8e282902e75f4f040f09ea9d99d5 sipsak-0.9.6-1.tar.gz" -sha256sums="5064c56d482a080b6a4aea71821b78c21b59d44f6d1aa14c27429441917911a9 sipsak-0.9.6-1.tar.gz" -sha512sums="c2d62ddaf2ecc9616941cf002a0494d2f9c43747e6b527f8b1542e9b5ae143fc69b18fc140bd3f255896b0e8eb02f7d198cc1799a4041e2d0c95d90b653591fe sipsak-0.9.6-1.tar.gz" +md5sums="c4eb8e282902e75f4f040f09ea9d99d5 sipsak-0.9.6-1.tar.gz +fd7aa34ef656fc40b7ff186a670b4b60 musl-fix-strcasestr.patch +8fa15fbeadba6d319ae6bfbbb85b1bf7 fix-off-by-one-bugs.patch" +sha256sums="5064c56d482a080b6a4aea71821b78c21b59d44f6d1aa14c27429441917911a9 sipsak-0.9.6-1.tar.gz +98fbef70fa537a6c46f5641392b19d074ccc0d2c6e71bb903c69a7940dbab3cd musl-fix-strcasestr.patch +bc05de62df8a24492ce6d74f5ce1ec7149db5b7b56bbec941bdc6db038027fe9 fix-off-by-one-bugs.patch" +sha512sums="c2d62ddaf2ecc9616941cf002a0494d2f9c43747e6b527f8b1542e9b5ae143fc69b18fc140bd3f255896b0e8eb02f7d198cc1799a4041e2d0c95d90b653591fe sipsak-0.9.6-1.tar.gz +5a9f2679ef8b5e7a7d2db79e32c2a9ca304bd507804d86628231ad273cc08810bf3470f2b3fb5e873279d619669917f81fbf9bdfe74e83e3dfa6451aa4b62e85 musl-fix-strcasestr.patch +4f4978924482d9d8b4a1167bf968cec8c3e705ea81cd8fe4b83873f408684d43cc166d0eeeb20f7a459ff9e02ddb0cac08644d5d6f77629557d07f96f9634605 fix-off-by-one-bugs.patch" diff --git a/main/sipsak/fix-off-by-one-bugs.patch b/main/sipsak/fix-off-by-one-bugs.patch new file mode 100644 index 000000000..e61af5762 --- /dev/null +++ b/main/sipsak/fix-off-by-one-bugs.patch @@ -0,0 +1,67 @@ +From bf9d2417a1e73697873a5f5099dac4bb3eb4b2d9 Mon Sep 17 00:00:00 2001 +From: Richard Fuchs +Date: Thu, 1 Aug 2013 11:21:09 -0400 +Subject: [PATCH] fix string off-by-one bugs + +--- + helper.c | 18 +++++++++--------- + 1 file changed, 9 insertions(+), 9 deletions(-) + +diff --git a/helper.c b/helper.c +index b09963c..4fbbae5 100644 +--- a/helper.c ++++ b/helper.c +@@ -508,12 +508,12 @@ void get_fqdn(){ + memset(&hlp, 0, sizeof(hlp)); + + if (hostname) { +- strncpy(fqdn, hostname, FQDN_SIZE); +- strncpy(hname, hostname, 100); ++ strncpy(fqdn, hostname, FQDN_SIZE-1); ++ strncpy(hname, hostname, sizeof(hname)-1); + } + else { + if ((uname(&un))==0) { +- strncpy(hname, un.nodename, 100); ++ strncpy(hname, un.nodename, sizeof(hname)-1); + } + else { + if (gethostname(&hname[0], namelen) < 0) { +@@ -532,7 +532,7 @@ void get_fqdn(){ + snprintf(fqdn, FQDN_SIZE, "%s.%s", hname, dname); + } + else { +- strncpy(fqdn, hname, FQDN_SIZE); ++ strncpy(fqdn, hname, FQDN_SIZE-1); + } + #endif + } +@@ -541,15 +541,15 @@ void get_fqdn(){ + he=gethostbyname(hname); + if (he) { + if (numeric == 1) { +- snprintf(hlp, 15, "%s", inet_ntoa(*(struct in_addr *) he->h_addr_list[0])); +- strncpy(fqdn, hlp, FQDN_SIZE); ++ snprintf(hlp, sizeof(hlp), "%s", inet_ntoa(*(struct in_addr *) he->h_addr_list[0])); ++ strncpy(fqdn, hlp, FQDN_SIZE-1); + } + else { + if ((strchr(he->h_name, '.'))!=NULL && (strchr(hname, '.'))==NULL) { +- strncpy(fqdn, he->h_name, FQDN_SIZE); ++ strncpy(fqdn, he->h_name, FQDN_SIZE-1); + } + else { +- strncpy(fqdn, hname, FQDN_SIZE); ++ strncpy(fqdn, hname, FQDN_SIZE-1); + } + } + } +@@ -561,7 +561,7 @@ void get_fqdn(){ + if ((strchr(fqdn, '.'))==NULL) { + if (hostname) { + fprintf(stderr, "warning: %s is not resolvable... continouing anyway\n", fqdn); +- strncpy(fqdn, hostname, FQDN_SIZE); ++ strncpy(fqdn, hostname, FQDN_SIZE-1); + } + else { + fprintf(stderr, "error: this FQDN or IP is not valid: %s\n", fqdn); diff --git a/main/sipsak/musl-fix-strcasestr.patch b/main/sipsak/musl-fix-strcasestr.patch new file mode 100644 index 000000000..b5f11cbba --- /dev/null +++ b/main/sipsak/musl-fix-strcasestr.patch @@ -0,0 +1,16 @@ +This fixes segfault: +http://bugs.alpinelinux.org/issues/3750 + +diff --git a/sipsak.h b/sipsak.h +index 8f5d283..f9b1b49 100644 +--- a/sipsak.h ++++ b/sipsak.h +@@ -57,7 +57,7 @@ + #endif + + #ifdef HAVE_STRCASESTR +-# define __USE_GNU ++# define _GNU_SOURCE + # define STRCASESTR(s1,s2) strcasestr(s1,s2) + #else + # define STRCASESTR(s1,s2) strstr(s1,s2) -- cgit v1.2.3