From 283e9a6079aa07c1d207d9503865c3283d10af1474a60639b386e1339f03e720 Mon Sep 17 00:00:00 2001
From: Philipp Thomas <pth@suse.com>
Date: Tue, 17 May 2011 14:59:23 +0000
Subject: [PATCH] - Avoid buffer overflow in filesys.cpp(dir_size).

OBS-URL: https://build.opensuse.org/package/show/network/boinc-client?expand=0&rev=11
---
 boinc-client-dynamic_buffers.patch | 41 ++++++++++++++++++++++++++++++
 boinc-client.changes               |  5 ++++
 boinc-client.spec                  |  3 +++
 3 files changed, 49 insertions(+)
 create mode 100644 boinc-client-dynamic_buffers.patch

diff --git a/boinc-client-dynamic_buffers.patch b/boinc-client-dynamic_buffers.patch
new file mode 100644
index 0000000..4c2753c
--- /dev/null
+++ b/boinc-client-dynamic_buffers.patch
@@ -0,0 +1,41 @@
+Index: lib/filesys.cpp
+===================================================================
+--- lib/filesys.cpp.orig	2011-05-16 18:13:03.000000000 +0200
++++ lib/filesys.cpp	2011-05-16 18:49:23.426248908 +0200
+@@ -36,6 +36,7 @@
+ #include <sys/time.h>
+ #include <unistd.h>
+ #include <dirent.h>
++#include <climits>
+ 
+ #ifdef HAVE_SYS_RESOURCE_H
+ #include <sys/resource.h>
+@@ -371,7 +372,8 @@ int dir_size(const char* dirpath, double
+     } while (FindNextFileA(hFind, &findData));
+ 	::FindClose(hFind);
+ #else
+-    char filename[256], subdir[256];
++    char filename[PATH_MAX];
++    char *subdir;
+     int retval=0;
+     DIRREF dirp;
+     double x;
+@@ -382,7 +384,7 @@ int dir_size(const char* dirpath, double
+     while (1) {
+         retval = dir_scan(filename, dirp, sizeof(filename));
+         if (retval) break;
+-        sprintf(subdir, "%s/%s", dirpath, filename);
++        asprintf(&subdir, "%s/%s", dirpath, filename);
+ 
+         if (is_dir(subdir)) {
+             if (recurse) {
+@@ -395,6 +397,9 @@ int dir_size(const char* dirpath, double
+             if (retval) continue;
+             size += x;
+         }
++
++        if(subdir != NULL)
++            free(subdir);
+     }
+     dir_close(dirp);
+ #endif
diff --git a/boinc-client.changes b/boinc-client.changes
index bb56168..eadded3 100644
--- a/boinc-client.changes
+++ b/boinc-client.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Mon May 16 18:49:58 CEST 2011 - pth@suse.de
+
+- Avoid buffer overflow in filesys.cpp(dir_size).
+
 -------------------------------------------------------------------
 Sun May  1 23:27:45 UTC 2011 - chris@computersalat.de
 
diff --git a/boinc-client.spec b/boinc-client.spec
index a3c8cd2..1875820 100644
--- a/boinc-client.spec
+++ b/boinc-client.spec
@@ -63,6 +63,8 @@ Patch4:         boinc-docbook2x.patch
 Patch5:         boinc-server.patch
 # PATCH-FIX-OPENSUSE saigkill@opensuse.org adds define HAVE_STRCASESRTR
 Patch6:         boinc-client-str_util.patch
+# PATCH-FIX-OPENSUSE pth@suse.de use asprintf to fix buffer overflow
+Patch7:         boinc-client-dynamic_buffers.patch
 #
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 
@@ -180,6 +182,7 @@ This package contains documentation files for %{name}.
 %patch4
 %patch5
 %patch6
+%patch7
 
 # Install user hints
 %{__install} -m0644 %{S:3} README.SUSE