rpms/zoo/FC-3 zoo-2.10-CAN-2005-2349.patch, NONE, 1.1 zoo-2.10-febz-183426.patch, NONE, 1.1 zoo-gcc.patch, NONE, 1.1 zoo-return.patch, NONE, 1.1 zoo-security_pathsize.patch, NONE, 1.1 zoo.patch, NONE, 1.1 .cvsignore, 1.2, 1.3 sources, 1.2, 1.3 zoo.spec, 1.5, 1.6 zoo-2.10-pathsize-security.patch, 1.1, NONE zoo-gcc4.patch, 1.1, NONE
Nicolas Mailhot (nim)
fedora-extras-commits at redhat.com
Sat Mar 4 13:42:14 UTC 2006
Author: nim
Update of /cvs/extras/rpms/zoo/FC-3
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv32233/FC-3
Modified Files:
.cvsignore sources zoo.spec
Added Files:
zoo-2.10-CAN-2005-2349.patch zoo-2.10-febz-183426.patch
zoo-gcc.patch zoo-return.patch zoo-security_pathsize.patch
zoo.patch
Removed Files:
zoo-2.10-pathsize-security.patch zoo-gcc4.patch
Log Message:
auto-import zoo-2.10-7.fc3 on branch FC-3 from zoo-2.10-7.fc3.src.rpm
rebase on opensuse package, CVE-2006-0855 fix #2, bz #183109 fix
zoo-2.10-CAN-2005-2349.patch:
--- NEW FILE zoo-2.10-CAN-2005-2349.patch ---
--- portable.c
+++ portable.c
@@ -364,6 +364,31 @@
show_dir(direntry);
}
#endif
+ char *p;
+ /* take off '../' */
+ while ((p = strstr( direntry->dirname, "../" )) != NULL) {
+ while (*(p+3) != '\0') {
+ *p = *(p + 3);
+ p++;
+ }
+ *p = *(p+3); /* move last null */
+ //printf("zoo: skipped \"../\" path component in '%s'\n", direntry->dirname);
+ }
+ /* take off '/' */
+ if ( direntry->dirname[0] == '/' ) {
+ p = direntry->dirname;
+ while (*p != '\0') {
+ *p = *(p + 1);
+ p++;
+ }
+ *p = *(p+1); /* move last null */
+ //printf("zoo: skipped \"/\" path component in '%s'\n", direntry->dirname);
+ }
+ /* take off '..' */
+ if(!strcmp(direntry->dirname, ".."))
+ direntry->dirname[0] = '\0';
+ /* direntry->dirlen = strlen(direntry->dirname); */
+
return (0);
}
zoo-2.10-febz-183426.patch:
--- NEW FILE zoo-2.10-febz-183426.patch ---
diff -uNr zoo/parse.c zoo.new/parse.c
--- zoo/parse.c 1991-07-11 21:07:34.000000000 +0200
+++ zoo.new/parse.c 2006-03-04 14:17:50.000000000 +0100
@@ -39,7 +39,7 @@
char *namep; /* points to relevant part of tempname */
char *p;
- strcpy (tempname, fname);
+ strncpy(tempname, fname, LFNAMESIZE);
#ifdef DEBUG
printf ("parse: supplied name is [%s].\n", tempname);
zoo-gcc.patch:
--- NEW FILE zoo-gcc.patch ---
diff -uNr zoo.orig/makefile zoo/makefile
--- zoo.orig/makefile 1992-07-27 06:01:40.000000000 +0200
+++ zoo/makefile 2002-11-25 16:41:06.000000000 +0100
@@ -21,7 +21,7 @@
CC = cc
CFLAGS =
MODEL =
-EXTRA = -DBIG_MEM -DNDEBUG
+EXTRA = -DBIG_MEM -DNDEBUG -DANSI_PROTO
LINTFLAGS = -DLINT
OPTIM = -O
DESTDIR = /usr/local/bin
diff -uNr zoo.orig/options.h zoo/options.h
--- zoo.orig/options.h 1991-07-11 21:07:32.000000000 +0200
+++ zoo/options.h 2002-11-25 16:41:30.000000000 +0100
@@ -104,7 +104,7 @@
#define GETTZ
#define FATTR
#define T_SIGNAL int
-#define VARARGS
+#define STDARG
#define NEED_MEMMOVE
#define T_UINT16 unsigned short /* must be 16 bit unsigned */
#define HAVE_ISATTY
zoo-return.patch:
--- NEW FILE zoo-return.patch ---
--- ar.h
+++ ar.h
@@ -116,7 +116,9 @@
void move_left();
#else
# define MOVE_LEFT memmove
+# ifndef ANSI_HDRS
extern VOIDPTR memmove();
+# endif
#endif
#if 0
--- bsd.c
+++ bsd.c
@@ -104,4 +104,5 @@
seekpos = lseek(fd, 0L, SEEK_CUR);
if (seekpos >= 0)
return ftruncate(fd, seekpos);
+ return 0;
}
--- mstime.i
+++ mstime.i
@@ -12,6 +12,7 @@
Function mstime() converts time in seconds since January 1 of BASEYEAR
to MS-DOS format date and time.
*/
+void
mstime(longtime, date, time)
long longtime; /* input: seconds since Jan 1, BASEYEAR */
int *date, *time; /* output: MS-DOS format date and time */
--- nixtime.i
+++ nixtime.i
@@ -36,6 +36,7 @@
(tm->tm_hour << 11);
}
+ return 0;
}
/*****************
--- options.h
+++ options.h
@@ -157,11 +157,13 @@
#define GETTZ
#define FATTR
#define T_SIGNAL void
+#define STDARG
/* #define VARARGS */
/* #define NEED_MEMMOVE */
#define T_UINT16 unsigned short /* must be 16 bit unsigned */
#define HAVE_ISATTY
/* #define NEED_VPRINTF */
+#define BSD4_3 /* for I/O definitions */
#endif /* BSD4_4 */
/***********************************************************************/
zoo-security_pathsize.patch:
--- NEW FILE zoo-security_pathsize.patch ---
--- misc.c
+++ misc.c
@@ -135,11 +135,17 @@
char *fullpath (direntry)
struct direntry *direntry;
{
- static char result[PATHSIZE];
+ static char result[PATHSIZE+LFNAMESIZE+12]; /* Room for enough space.*/
combine (result,
direntry->dirlen != 0 ? direntry->dirname : "",
(direntry->namlen != 0) ? direntry->lfname : direntry->fname
);
+
+ if (strlen (result) >= PATHSIZE) {
+ prterror ('f', "Combined dirname and filename too long!\n");
+ *result = '\0';
+ }
+
return (result);
}
zoo.patch:
--- NEW FILE zoo.patch ---
--- basename.c
+++ basename.c
@@ -18,7 +18,7 @@
/* This function strips device/directory information from
a pathname and returns just the plain filename */
-void basename (pathname, fname)
+void my_basename (pathname, fname)
char *pathname;
char fname[];
{
--- makefile
+++ makefile
@@ -18,13 +18,13 @@
MAKE = make # needed for some systems e.g. older BSD
-CC = cc
+CC = gcc
CFLAGS =
MODEL =
EXTRA = -DBIG_MEM -DNDEBUG
LINTFLAGS = -DLINT
OPTIM = -O
-DESTDIR = /usr/local/bin
+DESTDIR = /usr/bin
#List of all object files created for Zoo
ZOOOBJS = addbfcrc.o addfname.o basename.o comment.o crcdefs.o \
@@ -107,10 +107,10 @@
convex:
$(MAKE) CFLAGS="-c $(OPTIM) -DBSD4_3 -DANSI_HDRS" $(TARGETS)
-# Linux 0.96c, gcc 2.2.2
+# Linux 2.0.0, gcc 2.7.2
linux:
$(MAKE) \
- CFLAGS="-c -O2 -DBSD4_3 -DANSI_HDRS -DLINUX" \
+ CFLAGS="-c $(OPTIM) -DBSD4_4 -DANSI_HDRS -DLINUX" \
$(TARGETS)
# linux as above, static linked
--- options.h
+++ options.h
@@ -89,7 +89,7 @@
/***********************************************************************/
#ifdef BSD4_3
-#define NOSTRCHR /* not really needed for 4.3BSD */
+/* #define NOSTRCHR */ /* not really needed for 4.3BSD */
#define FILTER
#define IO_MACROS
#define EXISTS(f) (access(f, 00) == 0)
--- various.h
+++ various.h
@@ -26,6 +26,7 @@
#ifdef ANSI_HDRS /* if not defined in stdio.h */
# include <string.h>
# include <stdlib.h>
+# include <time.h>
#else
FILE *fdopen PARMS ((int, char *));
FILE *fopen PARMS ((char *, char *));
--- zooadd.c
+++ zooadd.c
@@ -132,7 +132,7 @@
if (zoo_file == NOFILE)
prterror ('f', could_not_open, zoo_path);
-basename(zoo_path, zoo_fname); /* get basename of archive */
+my_basename(zoo_path, zoo_fname); /* get basename of archive */
rootname (zoo_path, zoo_bak); /* name without extension */
strcat (zoo_bak, BACKUP_EXT); /* name of backup of this archive */
@@ -222,7 +222,7 @@
break;
}
- basename (this_path, this_fname); /* get just filename for later */
+ my_basename (this_path, this_fname); /* get just filename for later */
this_file = zooopen(this_path, Z_READ);
if (this_file == NOFILE) {
--- zoofns.h
+++ zoofns.h
@@ -85,7 +85,7 @@
void addfname PARMS ((char *, long, unsigned int, unsigned int,
unsigned, unsigned));
void add_version PARMS ((char *, struct direntry *));
-void basename PARMS ((char *, char []));
+void my_basename PARMS ((char *, char []));
void break_off PARMS ((void));
void close_file PARMS ((ZOOFILE));
void comment PARMS ((char *, char *));
Index: .cvsignore
===================================================================
RCS file: /cvs/extras/rpms/zoo/FC-3/.cvsignore,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- .cvsignore 8 Nov 2004 05:36:41 -0000 1.2
+++ .cvsignore 4 Mar 2006 13:42:13 -0000 1.3
@@ -1,2 +1 @@
-zoo_2.10-9.diff.gz
-zoo_2.10.orig.tar.gz
+zoo.tar.gz
Index: sources
===================================================================
RCS file: /cvs/extras/rpms/zoo/FC-3/sources,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- sources 8 Nov 2004 05:36:41 -0000 1.2
+++ sources 4 Mar 2006 13:42:13 -0000 1.3
@@ -1,2 +1 @@
-2dca488e015f6d6079fb3b2106bcbc5e zoo_2.10-9.diff.gz
-dca5f2cf71379a51ea1e66b25f1e0294 zoo_2.10.orig.tar.gz
+9419da66d2de4c59b405d5c59845a828 zoo.tar.gz
Index: zoo.spec
===================================================================
RCS file: /cvs/extras/rpms/zoo/FC-3/zoo.spec,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- zoo.spec 26 Feb 2006 22:44:41 -0000 1.5
+++ zoo.spec 4 Mar 2006 13:42:13 -0000 1.6
@@ -1,33 +1,45 @@
Name: zoo
Version: 2.10
-Release: 6%{?dist}
+Release: 7%{?dist}
Summary: File archiving utility with compression
Group: Applications/Archiving
License: Distributable
-Source: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10.orig.tar.gz
-Patch0: ftp://ftp.debian.org/debian/pool/non-free/z/zoo/zoo_2.10-9.diff.gz
-Patch1: zoo-2.10-tempfile.patch
-Patch2: zoo-gcc4.patch
-Patch3: zoo-2.10-pathsize-security.patch
+# There is no zoo upstream anymore so let's not pretend we have an authoritative source
+# This zoo.tar.gz archive was taken from opensuse
+Source: zoo.tar.gz
+Patch0: zoo.patch
+Patch1: zoo-%{version}-tempfile.patch
+Patch2: zoo-gcc.patch
+Patch3: zoo-%{version}-CAN-2005-2349.patch
+Patch4: zoo-return.patch
+Patch5: zoo-security_pathsize.patch
+Patch6: zoo-%{version}-febz-183426.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
+
%description
zoo is a file archiving utility for maintaining collections of files.
It uses Lempel-Ziv compression to provide space savings in the
range of 20 to 80 percent depending on the type of data. Written by
Rahul Dhesi, and posted to the USENET newsgroup comp.sources.misc.
+
%prep
-%setup -n zoo-2.10.orig
-%patch0 -p1 -b .debian
-%patch1 -p1 -b .tempfile
+%setup -q -n %{name}
+%patch0
+%patch1 -p1
%patch2 -p1 -b .gcc4
-%patch3 -p1 -b .pathsize
+%patch3 -b .can
+%patch4
+%patch5 -b .pathsize
+%patch6 -p1 -b .febz183426
+
%build
make %{?_smp_mflags} OPTIM="%{optflags}" linux
+
%install
rm -fr %{buildroot}
install -d -m 0755 %{buildroot}%{_bindir} \
@@ -36,15 +48,24 @@
install -m 0755 fiz zoo %{buildroot}%{_bindir}/
install -m 0644 fiz.1 zoo.1 %{buildroot}%{_mandir}/man1/
+
%clean
rm -fr %{buildroot}
+
%files
%defattr(0644, root, root, 0755)
%doc %{_mandir}/man1/*
%attr(0755,root,root) %{_bindir}/*
+
%changelog
+* Sat Mar 4 2006 Nicolas Mailhot <nicolas.mailhot at laposte.net> - 2.10-7
+- rebase on OpenSuse 2.10-866 package as the OpenSuse team did some nice
+ cleanups
+- drop our fix to CVE-2006-0855 for the OpenSuse one
+- add bug #183109 fix
+
* Sun Feb 26 2006 Nicolas Mailhot <nicolas.mailhot at laposte.net> - 2.10-6
- apply preliminary patch for bug #183109 (just to be sure)
--- zoo-2.10-pathsize-security.patch DELETED ---
--- zoo-gcc4.patch DELETED ---
More information about the fedora-extras-commits
mailing list