From 2c704cf1f86315af64342b216a1ae5a7a54b92311a0f70ff04b1e46c55a89d8e Mon Sep 17 00:00:00 2001 From: Reinhard Max Date: Thu, 28 Jan 2010 12:06:21 +0000 Subject: [PATCH] Accepting request 30222 from Base:build Copy from Base:build/tcl via accept of submit request 30222 revision 4. Request was accepted with message: Thanks. OBS-URL: https://build.opensuse.org/request/show/30222 OBS-URL: https://build.opensuse.org/package/show/devel:languages:tcl/tcl?expand=0&rev=30 --- tcl-fortify.patch | 11 +++++++++++ tcl.changes | 5 +++++ tcl.spec | 2 ++ 3 files changed, 18 insertions(+) create mode 100644 tcl-fortify.patch diff --git a/tcl-fortify.patch b/tcl-fortify.patch new file mode 100644 index 0000000..e57fca6 --- /dev/null +++ b/tcl-fortify.patch @@ -0,0 +1,11 @@ +--- generic/tclTrace.c.orig 2010-01-21 12:38:47.000000000 +0100 ++++ generic/tclTrace.c 2010-01-21 12:55:05.000000000 +0100 +@@ -909,7 +909,7 @@ + } + ctvarPtr->traceCmdInfo.length = length; + flags |= TCL_TRACE_UNSETS | TCL_TRACE_RESULT_OBJECT; +- strcpy(ctvarPtr->traceCmdInfo.command, command); ++ memcpy(ctvarPtr->traceCmdInfo.command, command, length + 1); + ctvarPtr->traceInfo.traceProc = TraceVarProc; + ctvarPtr->traceInfo.clientData = (ClientData) + &ctvarPtr->traceCmdInfo; diff --git a/tcl.changes b/tcl.changes index a74a83f..a30c856 100644 --- a/tcl.changes +++ b/tcl.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Jan 21 12:55:33 CET 2010 - rguenther@suse.de + +- Fix fortify violation in TraceVariableObjCmd. + ------------------------------------------------------------------- Wed Nov 18 16:18:20 CET 2009 - max@suse.de diff --git a/tcl.spec b/tcl.spec index 4be5922..3d72082 100644 --- a/tcl.spec +++ b/tcl.spec @@ -41,6 +41,7 @@ Source2: baselibs.conf Source3: macros.tcl Patch0: tcl.patch Patch1: tcl-unload.patch +Patch2: tcl-fortify.patch %description Tcl (Tool Command Language) is a very powerful but easy to learn @@ -88,6 +89,7 @@ Authors: %setup -q -n %name%version %patch0 %patch1 +%patch2 %build cd unix