From e26f14b36dfc9afc1041e69a6792cd44b6cf1aae Mon Sep 17 00:00:00 2001 From: Max Rees Date: Thu, 1 Aug 2019 03:32:55 -0500 Subject: user/plib: use standard CVE patch naming --- user/plib/APKBUILD | 8 ++--- user/plib/CVE-2011-4620.patch | 11 +++++++ user/plib/CVE-2012-4552.patch | 54 ++++++++++++++++++++++++++++++++ user/plib/plib-1.8.5-CVE-2011-4620.patch | 11 ------- user/plib/plib-1.8.5-CVE-2012-4552.patch | 54 -------------------------------- 5 files changed, 69 insertions(+), 69 deletions(-) create mode 100644 user/plib/CVE-2011-4620.patch create mode 100644 user/plib/CVE-2012-4552.patch delete mode 100644 user/plib/plib-1.8.5-CVE-2011-4620.patch delete mode 100644 user/plib/plib-1.8.5-CVE-2012-4552.patch (limited to 'user/plib') diff --git a/user/plib/APKBUILD b/user/plib/APKBUILD index fe02621ac..46a6ce3d6 100644 --- a/user/plib/APKBUILD +++ b/user/plib/APKBUILD @@ -14,8 +14,8 @@ subpackages="$pkgname-dev" source="http://plib.sourceforge.net/dist/plib-$pkgver.tar.gz fix-openflight.patch joystick.patch - plib-1.8.5-CVE-2011-4620.patch - plib-1.8.5-CVE-2012-4552.patch + CVE-2011-4620.patch + CVE-2012-4552.patch shared.patch " @@ -49,6 +49,6 @@ package() { sha512sums="17154cc77243fe576c2bcbcb0285b98aef1a0634658f5473e95fe0ac8fa3ed477dbe5620e44ccf0b7cc616f812af0cd44d6fcbba0c563180d3b61c9d6f158e1d plib-1.8.5.tar.gz fac9c78a57a0c564c46d586ebf541b45cf7dc838387498f3263bac78f0f78c53c85000667d6dfd349e328b1cd4254ac0d786dd825aefbe957f94e6d3b91ec41b fix-openflight.patch d9909c81fe2ed696c639623c532cb16a1378b0e2843ccbef00bb16bc6459cc7c708b2b0903dbdc89e6fb05522debd79f0f88b311bf12c3d415e303591033f0a8 joystick.patch -c046cf65e80629f238aaba724f522c31b434f5c9687ea02b019846ce3469c6b074bd014f81a7a4e6b43db7b084f4dcd9d4c04b557dbc1b8b8ca00f2d782fdf1c plib-1.8.5-CVE-2011-4620.patch -a09462ecb085703aae7cd3b77954cc800410aa37a9616255cca2f21456e6d5dcf8ead3f684c98236deb1455c6a034dc8ec874bafdbab003f7a63517ea1f8350d plib-1.8.5-CVE-2012-4552.patch +c046cf65e80629f238aaba724f522c31b434f5c9687ea02b019846ce3469c6b074bd014f81a7a4e6b43db7b084f4dcd9d4c04b557dbc1b8b8ca00f2d782fdf1c CVE-2011-4620.patch +a09462ecb085703aae7cd3b77954cc800410aa37a9616255cca2f21456e6d5dcf8ead3f684c98236deb1455c6a034dc8ec874bafdbab003f7a63517ea1f8350d CVE-2012-4552.patch 8f4fcbf3a07f64212b3ce891a4629fb45b1c62b251730a9d5f7da6e6fe65c39540f80519e97cf6a45c32f950f25e4d383ba891a6c0a92ae8a37089e51c0c5020 shared.patch" diff --git a/user/plib/CVE-2011-4620.patch b/user/plib/CVE-2011-4620.patch new file mode 100644 index 000000000..41fac5fe4 --- /dev/null +++ b/user/plib/CVE-2011-4620.patch @@ -0,0 +1,11 @@ +--- plib-1.8.5/src/util/ulError.cxx~ 2008-03-11 03:06:23.000000000 +0100 ++++ plib-1.8.5/src/util/ulError.cxx 2011-12-27 15:38:25.305676650 +0100 +@@ -39,7 +39,7 @@ void ulSetError ( enum ulSeverity severi + { + va_list argp; + va_start ( argp, fmt ) ; +- vsprintf ( _ulErrorBuffer, fmt, argp ) ; ++ vsnprintf ( _ulErrorBuffer, sizeof(_ulErrorBuffer), fmt, argp ) ; + va_end ( argp ) ; + + if ( _ulErrorCB ) diff --git a/user/plib/CVE-2012-4552.patch b/user/plib/CVE-2012-4552.patch new file mode 100644 index 000000000..78f1b22ae --- /dev/null +++ b/user/plib/CVE-2012-4552.patch @@ -0,0 +1,54 @@ +--- plib-1.8.5/src/ssg/ssgParser.cxx~ ++++ plib-1.8.5/src/ssg/ssgParser.cxx +@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form + char msgbuff[ 255 ]; + va_list argp; + +- char* msgptr = msgbuff; +- if (linenum) +- { +- msgptr += sprintf ( msgptr,"%s, line %d: ", +- path, linenum ); +- } +- + va_start( argp, format ); +- vsprintf( msgptr, format, argp ); ++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); + va_end( argp ); + +- ulSetError ( UL_WARNING, "%s", msgbuff ) ; ++ if (linenum) ++ { ++ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; ++ } else { ++ ulSetError ( UL_WARNING, "%s", msgbuff ) ; ++ } + } + + +@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo + char msgbuff[ 255 ]; + va_list argp; + +- char* msgptr = msgbuff; +- if (linenum) +- { +- msgptr += sprintf ( msgptr,"%s, line %d: ", +- path, linenum ); +- } +- + va_start( argp, format ); +- vsprintf( msgptr, format, argp ); ++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); + va_end( argp ); + +- ulSetError ( UL_DEBUG, "%s", msgbuff ) ; ++ if (linenum) ++ { ++ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; ++ } else { ++ ulSetError ( UL_DEBUG, "%s", msgbuff ) ; ++ } + } + + // Opens the file and does a few internal calculations based on the spec. diff --git a/user/plib/plib-1.8.5-CVE-2011-4620.patch b/user/plib/plib-1.8.5-CVE-2011-4620.patch deleted file mode 100644 index 41fac5fe4..000000000 --- a/user/plib/plib-1.8.5-CVE-2011-4620.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- plib-1.8.5/src/util/ulError.cxx~ 2008-03-11 03:06:23.000000000 +0100 -+++ plib-1.8.5/src/util/ulError.cxx 2011-12-27 15:38:25.305676650 +0100 -@@ -39,7 +39,7 @@ void ulSetError ( enum ulSeverity severi - { - va_list argp; - va_start ( argp, fmt ) ; -- vsprintf ( _ulErrorBuffer, fmt, argp ) ; -+ vsnprintf ( _ulErrorBuffer, sizeof(_ulErrorBuffer), fmt, argp ) ; - va_end ( argp ) ; - - if ( _ulErrorCB ) diff --git a/user/plib/plib-1.8.5-CVE-2012-4552.patch b/user/plib/plib-1.8.5-CVE-2012-4552.patch deleted file mode 100644 index 78f1b22ae..000000000 --- a/user/plib/plib-1.8.5-CVE-2012-4552.patch +++ /dev/null @@ -1,54 +0,0 @@ ---- plib-1.8.5/src/ssg/ssgParser.cxx~ -+++ plib-1.8.5/src/ssg/ssgParser.cxx -@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form - char msgbuff[ 255 ]; - va_list argp; - -- char* msgptr = msgbuff; -- if (linenum) -- { -- msgptr += sprintf ( msgptr,"%s, line %d: ", -- path, linenum ); -- } -- - va_start( argp, format ); -- vsprintf( msgptr, format, argp ); -+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); - va_end( argp ); - -- ulSetError ( UL_WARNING, "%s", msgbuff ) ; -+ if (linenum) -+ { -+ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; -+ } else { -+ ulSetError ( UL_WARNING, "%s", msgbuff ) ; -+ } - } - - -@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo - char msgbuff[ 255 ]; - va_list argp; - -- char* msgptr = msgbuff; -- if (linenum) -- { -- msgptr += sprintf ( msgptr,"%s, line %d: ", -- path, linenum ); -- } -- - va_start( argp, format ); -- vsprintf( msgptr, format, argp ); -+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); - va_end( argp ); - -- ulSetError ( UL_DEBUG, "%s", msgbuff ) ; -+ if (linenum) -+ { -+ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; -+ } else { -+ ulSetError ( UL_DEBUG, "%s", msgbuff ) ; -+ } - } - - // Opens the file and does a few internal calculations based on the spec. -- cgit v1.2.3-70-g09d2