diff --git a/xrdb-1.0.7.tar.bz2 b/xrdb-1.0.7.tar.bz2
deleted file mode 100644
index e23cce2..0000000
--- a/xrdb-1.0.7.tar.bz2
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:0c70a433f78c1dd3bf02e44e03a7534f3fe3ff45643ecbd7844d0ca3c74157b1
-size 118037
diff --git a/xrdb-1.0.9.tar.bz2 b/xrdb-1.0.9.tar.bz2
new file mode 100644
index 0000000..5ee614b
--- /dev/null
+++ b/xrdb-1.0.9.tar.bz2
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:642401e12996efe3e5e5307a245e24c282b94a44c1f147e177c8484b862aeab7
+size 118971
diff --git a/xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch b/xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch
deleted file mode 100644
index 496717d..0000000
--- a/xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch
+++ /dev/null
@@ -1,182 +0,0 @@
-From 3d0c8e2cacf69723e7e8faf7ce441b9802e2d9a0 Mon Sep 17 00:00:00 2001
-From: Matthias Hopf
-Date: Tue, 1 Mar 2011 19:37:34 +0100
-Subject: [PATCH] Create shell-escape-safe cpp options in the non-pathetic-cpp case.
-
-Fixes CVE-2011-0465.
-
-Signed-off-by: Matthias Hopf
-Reviewed-by: Adam Jackson
----
- xrdb.c | 79 +++++++++++++++++++++++++++++++++++++++++++++++++++-------------
- 1 files changed, 63 insertions(+), 16 deletions(-)
-
-diff --git a/xrdb.c b/xrdb.c
-index c3ef0fd..ea698b9 100644
---- a/xrdb.c
-+++ b/xrdb.c
-@@ -142,6 +142,8 @@ static Entries newDB;
- 
- static void fatal(char *, ...);
- static void addstring ( String *arg, const char *s );
-+static void addescapedstring ( String *arg, const char *s );
-+static void addtokstring ( String *arg, const char *s );
- static void FormatEntries ( Buffer *buffer, Entries *entries );
- static void StoreProperty ( Display *dpy, Window root, Atom res_prop );
- static void Process ( int scrno, Bool doScreen, Bool execute );
-@@ -433,14 +435,20 @@ AddDef(String *buff, char *title, char *value)
- addstring(buff, " -D");
- } else
- addstring(buff, "-D");
-- addstring(buff, title);
-+ addtokstring(buff, title);
- if (value && (value[0] != '\0')) {
- addstring(buff, "=");
-- addstring(buff, value);
-+ addescapedstring(buff, value);
- }
- }
- 
- static void
-+AddSimpleDef(String *buff, char *title)
-+{
-+ AddDef(buff, title, (char *)NULL);
-+}
-+
-+static void
- AddDefQ(String *buff, char *title, char *value)
- {
- #ifdef PATHETICCPP
-@@ -449,8 +457,9 @@ AddDefQ(String *buff, char *title, char *value)
- else
- #endif
- if (value && (value[0] != '\0')) {
-- AddDef(buff, title, "\"");
-- addstring(buff, value);
-+ AddSimpleDef(buff, title);
-+ addstring(buff, "=\"");
-+ addescapedstring(buff, value);
- addstring(buff, "\"");
- } else
- AddDef(buff, title, NULL);
-@@ -465,24 +474,28 @@ AddNum(String *buff, char *title, int value)
- }
- 
- static void
--AddSimpleDef(String *buff, char *title)
-+AddDefTok(String *buff, char *prefix, char *title)
- {
-- AddDef(buff, title, (char *)NULL);
-+ char name[512];
-+
-+ snprintf(name, sizeof(name), "%s%s", prefix, title);
-+ AddSimpleDef(buff, name);
- }
- 
- static void
--AddDefTok(String *buff, char *prefix, char *title)
-+AddDefHostname(String *buff, char *title, char *value)
- {
- char *s;
- char name[512];
- char c;
- 
-- snprintf(name, sizeof(name), "%s%s", prefix, title);
-+ strncpy (name, value, sizeof(name)-1);
-+ name[sizeof(name)-1] = '\0';
- for (s = name; (c = *s); s++) {
-- if (!isalpha(c) && !isdigit(c) && c != '_')
-+ if (!isalpha(c) && !isdigit(c) && c != '_' && c != '.' && c != ':' && c != '-')
- *s = '_';
- }
-- AddSimpleDef(buff, name);
-+ AddDef(buff, title, name);
- }
- 
- static void
-@@ -502,7 +515,7 @@ AddUndef(String *buff, char *title)
- addstring(buff, " -U");
- } else
- addstring(buff, "-U");
-- addstring(buff, title);
-+ addtokstring(buff, title);
- }
- 
- static void
-@@ -565,11 +578,11 @@ DoDisplayDefines(Display *display, String *defs, char *host)
- }
- if (!*server || !strcmp(server, "unix") || !strcmp(server, "localhost"))
- strcpy(server, client);
-- AddDef(defs, "HOST", server); /* R3 compatibility */
-- AddDef(defs, "SERVERHOST", server);
-+ AddDefHostname(defs, "HOST", server); /* R3 compatibility */
-+ AddDefHostname(defs, "SERVERHOST", server);
- AddDefTok(defs, "SRVR_", server);
- AddNum(defs, "DISPLAY_NUM", n);
-- AddDef(defs, "CLIENTHOST", client);
-+ AddDefHostname(defs, "CLIENTHOST", client);
- AddDefTok(defs, "CLNT_", client);
- AddNum(defs, "VERSION", ProtocolVersion(display));
- AddNum(defs, "REVISION", ProtocolRevision(display));
-@@ -612,7 +625,7 @@ DoScreenDefines(Display *display, int scrno, String *defs)
- AddNum(defs, "Y_RESOLUTION", Resolution(screen->height,screen->mheight));
- AddNum(defs, "PLANES", DisplayPlanes(display, scrno));
- AddNum(defs, "BITS_PER_RGB", visual->bits_per_rgb);
-- AddDef(defs, "CLASS", ClassNames[visual->class]);
-+ AddDefQ(defs, "CLASS", ClassNames[visual->class]);
- snprintf(name, sizeof(name), "CLASS_%s", ClassNames[visual->class]);
- AddNum(defs, name, (int)visual->visualid);
- switch(visual->class) {
-@@ -780,6 +793,40 @@ addstring(String *arg, const char *s)
- arg->used += strlen(s);
- }
- 
-+static void
-+addescapedstring(String *arg, const char *s)
-+{
-+ char copy[512], *c;
-+
-+ for (c = copy; *s && c < ©[sizeof(copy)-1]; s++) {
-+ switch (*s) {
-+ case '"': case '\'': case '`':
-+ case '$': case '\\':
-+ *c++ = '_';
-+ break;
-+ default:
-+ *c++ = *s;
-+ }
-+ }
-+ *c = 0;
-+ addstring (arg, copy);
-+}
-+
-+static void
-+addtokstring(String *arg, const char *s)
-+{
-+ char copy[512], *c;
-+
-+ for (c = copy; *s && c < ©[sizeof(copy)-1]; s++) {
-+ if (!isalpha(*s) && !isdigit(*s) && *s != '_')
-+ *c++ = '_';
-+ else
-+ *c++ = *s;
-+ }
-+ *c = 0;
-+ addstring (arg, copy);
-+}
-+
- 
- int
- main(int argc, char *argv[])
-@@ -892,7 +939,7 @@ main(int argc, char *argv[])
- continue;
- } else if (arg[1] == 'I') {
- addstring(&includes, " ");
-- addstring(&includes, arg);
-+ addescapedstring(&includes, arg);
- continue;
- } else if (arg[1] == 'U' || arg[1] == 'D') {
- if (num_cmd_defines < MAX_CMD_DEFINES) {
---
-1.7.1
-
diff --git a/xrdb-traditional-cpp.diff b/xrdb-traditional-cpp.diff
deleted file mode 100644
index 5f09119..0000000
--- a/xrdb-traditional-cpp.diff
+++ /dev/null
@@ -1,106 +0,0 @@
---- xrdb.c.orig 2010-06-25 12:46:40.000000000 +0200
-+++ xrdb.c 2010-06-25 14:13:12.000000000 +0200
-@@ -142,6 +142,7 @@
- static Display *dpy;
- static Buffer buffer;
- static Entries newDB;
-+static int cpp_option_in_use=0;
- 
- static void fatal(char *, ...);
- static void addstring ( String *arg, const char *s );
-@@ -807,6 +808,7 @@
- } else if (isabbreviation ("-cpp", arg, 2)) {
- if (++i >= argc) Syntax ();
- cpp_program = argv[i];
-+ cpp_option_in_use=1;
- continue;
- } else if (!strcmp ("-n", arg)) {
- dont_execute = True;
-@@ -1166,12 +1168,17 @@
- fclose(input);
- (void) mktemp(tmpname3);
- if((cmd = (char *)
-- malloc(strlen(cpp_program) + strlen(includes.val) +
-+ malloc(strlen(cpp_program) + strlen(includes.val) + strlen(" -traditional-cpp ") +
- 1 + strlen(tmpname2) + 3 + strlen(tmpname3) + 1)) ==
- NULL)
- fatal("%s: Out of memory\n", ProgramName);
-- sprintf(cmd, "%s%s %s > %s", cpp_program, includes.val,
-+ if (cpp_option_in_use)) {
-+ sprintf(cmd, "%s%s %s > %s", cpp_program, includes.val,
- tmpname2, tmpname3);
-+ } else {
-+ sprintf(cmd, "%s -traditional-cpp %s %s > %s", cpp_program, includes.val,
-+ tmpname2, tmpname3);
-+ }
- if (system(cmd) < 0)
- fatal("%s: cannot run '%s'\n", ProgramName, cmd);
- free(cmd);
-@@ -1185,10 +1192,14 @@
- fflush(stdin);
- fseek(stdin, 0, 0);
- if((cmd = (char *)
-- malloc(strlen(cpp_program) + strlen(includes.val) + 1)) ==
-+ malloc(strlen(cpp_program) + strlen(" -traditional-cpp ") + strlen(includes.val) + 1)) ==
- NULL)
- fatal("%s: Out of memory\n", ProgramName);
-- sprintf(cmd, "%s%s", cpp_program, includes.val);
-+ if (cpp_option_in_use) {
-+ sprintf(cmd, "%s%s", cpp_program, includes.val);
-+ } else {
-+ sprintf(cmd, "%s -traditional-cpp %s", cpp_program, includes.val);
-+ }
- if (!(input = popen(cmd, "r")))
- fatal("%s: cannot run '%s'\n", ProgramName, cmd);
- free(cmd);
-@@ -1203,15 +1214,21 @@
- #ifdef WIN32
- (void) mktemp(tmpname3);
- if((cmd = (char *)
-- malloc(strlen(cpp_program) + strlen(includes.val) +
-+ malloc(strlen(cpp_program) + strlen(" -traditional-cpp ") + strlen(includes.val) +
- 1 + strlen(defines.val) + 1 +
- strlen(filename ? filename : "") + 3 +
- strlen(tmpname3) + 1)) ==
- NULL)
- fatal("%s: Out of memory\n", ProgramName);
-- sprintf(cmd, "%s%s %s %s > %s", cpp_program,
-- includes.val, defines.val,
-- filename ? filename : "", tmpname3);
-+ if (cpp_option_in_use) {
-+ sprintf(cmd, "%s%s %s %s > %s", cpp_program,
-+ includes.val, defines.val,
-+ filename ? filename : "", tmpname3);
-+ } else {
-+ sprintf(cmd, "%s -traditional-cpp %s %s %s > %s", cpp_program,
-+ includes.val, defines.val,
-+ filename ? filename : "", tmpname3);
-+ }
- if (system(cmd) < 0)
- fatal("%s: cannot run '%s'\n", ProgramName, cmd);
- free(cmd);
-@@ -1219,14 +1236,20 @@
- fatal("%s: can't open file '%s'\n", ProgramName, tmpname3);
- #else
- if((cmd = (char *)
-- malloc(strlen(cpp_program) + strlen(includes.val) + 1 +
-+ malloc(strlen(cpp_program) + strlen(" -traditional-cpp ") + strlen(includes.val) + 1 +
- strlen(defines.val) + 1 +
- strlen(filename ? filename : "") + 1)) ==
- NULL)
- fatal("%s: Out of memory\n", ProgramName);
-- sprintf(cmd, "%s%s %s %s", cpp_program,
-- includes.val, defines.val,
-- filename ? filename : "");
-+ if (cpp_option_in_use) {
-+ sprintf(cmd, "%s%s %s %s", cpp_program,
-+ includes.val, defines.val,
-+ filename ? filename : "");
-+ } else {
-+ sprintf(cmd, "%s -traditional-cpp %s %s %s", cpp_program,
-+ includes.val, defines.val,
-+ filename ? filename : "");
-+ }
- if (!(input = popen(cmd, "r")))
- fatal("%s: cannot run '%s'\n", ProgramName, cmd);
- free(cmd);
diff --git a/xrdb.changes b/xrdb.changes
index 867547a..9e574a8 100644
--- a/xrdb.changes
+++ b/xrdb.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Sat Apr 14 15:55:03 UTC 2012 - dimstar@opensuse.org
+
+- Update to version 1.0.9:
+ + Create shell-escape-safe cpp options in the non-pathetic-cpp
+ case (CVE-2011-0465).
+- Changes from version 1.0.8:
+ + Merge usage() printf() strings/calls into a single string/call.
+ + Replace complex malloc calculations with asprintf().
+ + Man page fixes.
+ + Build system fixes.
+- Drop xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch:
+ fixed upstream.
+- Drop xrdb-traditional-cpp.diff:
+ obsoleted.
+
 -------------------------------------------------------------------
 Fri Apr 13 08:46:08 UTC 2012 - vuntz@opensuse.org
diff --git a/xrdb.spec b/xrdb.spec
index 0697eed..a750103 100644
--- a/xrdb.spec
+++ b/xrdb.spec
@@ -16,16 +16,13 @@ #
 Name: xrdb
-Version: 1.0.7
-Release: 0
+Version: 1.0.9
+Release: 1
 License: MIT
 Summary: X server resource database utility
 Url: http://xorg.freedesktop.org/
 Group: System/X11/Utilities
 Source0: http://xorg.freedesktop.org/releases/individual/app/%{name}-%{version}.tar.bz2
-Patch0: xrdb-traditional-cpp.diff
-# PATCH-FIX-UPSTREAM xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch -- Create shell-escape-safe cpp options in the non-pathetic-cpp case, already upstream
-Patch1: xrdb-Create-shell-escape-safe-cpp-options-in-the-non-path-bnc674733.patch
 BuildRequires: pkg-config
 BuildRequires: pkgconfig(x11)
 BuildRequires: pkgconfig(xmuu)
@@ -42,8 +39,6 @@ root window of any or all screens, or everything combined.
 %prep
 %setup -q
-%patch0 -p0
-%patch1 -p1
 %build
 %configure --with-cpp=%{_bindir}/cpp