authorMaxim Konovalov <maxim@FreeBSD.org>2005-04-26 03:26:54 +0000
committerMaxim Konovalov <maxim@FreeBSD.org>2005-04-26 03:26:54 +0000
commitd09f5ff51ce68f6593e7e588a2f527becbf2e1e8 (patch)
treef8d6f0b7874ad37123d4998b4916ebf89a25e4fb
parent0873e93df12c77e1b0640ad604c3401ec2056e70 (diff)
downloadsrc-d09f5ff51ce68f6593e7e588a2f527becbf2e1e8.tar.gz
src-d09f5ff51ce68f6593e7e588a2f527becbf2e1e8.zip
o Merge SA-05:05.cvs.
Approved by: so (nectar)
Notes
Notes: svn path=/releng/4.9/; revision=145540
-rw-r--r--UPDATING3
-rw-r--r--contrib/cvs/src/login.c2
-rw-r--r--contrib/cvs/src/patch.c7
-rw-r--r--contrib/cvs/src/rcs.c9
-rw-r--r--sys/conf/newvers.sh2
5 files changed, 14 insertions, 9 deletions
diff --git a/UPDATING b/UPDATING
index 38bf8b1013e7..d17d27cd1f57 100644
--- a/UPDATING
+++ b/UPDATING
@@ -17,6 +17,9 @@ minimal number of processes, if possible, for that patch. For those
updates that don't have an advisory, or to be safe, you can do a full
build and install as described in the COMMON ITEMS section.
+20050426: p16 FreeBSD-SA-05:05.cvs
+ Correct several vulnerabilities in CVS.
+
20050421: p15 FreeBSD-SA-05:04.ifconf
Zero a buffer in ifconf() in order to avoid accidental
disclosure of kernel memory to userland.
diff --git a/contrib/cvs/src/login.c b/contrib/cvs/src/login.c
index 58b2c7a2d836..16909dbed645 100644
--- a/contrib/cvs/src/login.c
+++ b/contrib/cvs/src/login.c
@@ -125,7 +125,7 @@ password_entry_parseline (cvsroot_canonical, warn, linenumber, linebuf)
if (isspace(*(linebuf + 1)))
/* special case since strtoul ignores leading white space */
- entry_version = 0;
+ q = linebuf + 1;
else
entry_version = strtoul (linebuf + 1, &q, 10);
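Review bot: The whitespace branch no longer assigns `entry_version`; it only sets `q = linebuf + 1`, so it relies on code below the hunk (not visible here) treating `q == linebuf + 1` as "no digits" and assigning the version there. A short comment would make that dependency explicit, e.g. `/* leave q at the start so the no-digits check below sets entry_version */`. Separately, `isspace(*(linebuf + 1))` passes a plain `char`, which is undefined for negative values on signed-char platforms; `isspace((unsigned char) linebuf[1])` is the safer spelling. password_entry_parseline continues outside the hunk.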
diff --git a/contrib/cvs/src/patch.c b/contrib/cvs/src/patch.c
index e6a25f5ccb30..b7e1bcec375c 100644
--- a/contrib/cvs/src/patch.c
+++ b/contrib/cvs/src/patch.c
@@ -375,6 +375,7 @@ patch_fileproc (callerdat, finfo)
struct utimbuf t;
char *vers_tag, *vers_head;
char *rcs = NULL;
+ char *rcs_orig = NULL;
RCSNode *rcsfile;
FILE *fp1, *fp2, *fp3;
int ret = 0;
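Review bot: The new `rcs_orig` declaration has no comment explaining why a second pointer to the same allocation is needed. The later hunks in this file show it holding the `xmalloc` result so that cleanup frees the original address, presumably because `rcs` is reassigned or advanced in the part of patch_fileproc that is not shown. I would add `/* xmalloc()ed base of rcs; free this, not rcs, which may be moved later */` on the declaration so a future edit does not revert to `free (rcs)`.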
@@ -404,7 +405,7 @@ patch_fileproc (callerdat, finfo)
if ((rcsfile->flags & VALID) && (rcsfile->flags & INATTIC))
isattic = 1;
- rcs = xmalloc (strlen (finfo->file) + sizeof (RCSEXT) + 5);
+ rcs_orig = rcs = xmalloc (strlen (finfo->file) + sizeof (RCSEXT) + 5);
(void) sprintf (rcs, "%s%s", finfo->file, RCSEXT);
/* if vers_head is NULL, may have been removed from the release */
@@ -743,8 +744,8 @@ failed to read diff file header %s for %s: end of file", tmpfile3, rcs);
free (vers_tag);
if (vers_head != NULL)
free (vers_head);
- if (rcs != NULL)
- free (rcs);
+ if (rcs_orig)
+ free (rcs_orig);
return (ret);
}
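Review bot: The cleanup test `if (rcs_orig)` departs from the explicit comparison used on the neighbouring line (`if (vers_head != NULL)`) and from the form it replaces. Writing `if (rcs_orig != NULL)` would keep the cleanup block uniform. The start of patch_fileproc is outside this hunk.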
diff --git a/contrib/cvs/src/rcs.c b/contrib/cvs/src/rcs.c
index ccf3cd5a1094..9fcfe933e85b 100644
--- a/contrib/cvs/src/rcs.c
+++ b/contrib/cvs/src/rcs.c
@@ -3034,8 +3034,7 @@ RCS_getdate (rcs, date, force_tag_match)
if (retval != NULL)
return (retval);
- if (!force_tag_match ||
- (vers != NULL && RCS_datecmp (vers->date, date) <= 0))
+ if (vers && (!force_tag_match || RCS_datecmp (vers->date, date) <= 0))
return (xstrdup (vers->version));
else
return (NULL);
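Review bot: The rewritten condition in RCS_getdate now returns NULL both when `vers` is NULL and when the date comparison fails, and nothing on these lines says that the NULL case is the one being guarded. A comment above the test such as `/* vers may be NULL when no revision qualifies; never dereference it */` would record why the operands were reordered. Writing `vers != NULL` would also match the `retval != NULL` comparison two lines up. The function body starts outside the hunk.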
@@ -4118,7 +4117,7 @@ RCS_checkout (rcs, workfile, rev, nametag, options, sout, pfn, callerdat)
size_t len;
int free_value = 0;
char *log = NULL;
- size_t loglen;
+ size_t loglen = 0;
Node *vp = NULL;
#ifdef PRESERVE_PERMISSIONS_SUPPORT
uid_t rcs_owner = (uid_t) -1;
@@ -7398,7 +7397,7 @@ RCS_deltas (rcs, fp, rcsbuf, version, op, text, len, log, loglen)
for (ln = 0; ln < headlines.nlines; ++ln)
{
- char buf[80];
+ char *buf;
/* Period which separates year from month in date. */
char *ym;
/* Period which separates month from day in date. */
@@ -7409,10 +7408,12 @@ RCS_deltas (rcs, fp, rcsbuf, version, op, text, len, log, loglen)
if (prvers == NULL)
prvers = vers;
+ buf = xmalloc (strlen (prvers->version) + 24);
sprintf (buf, "%-12s (%-8.8s ",
prvers->version,
prvers->author);
cvs_output (buf, 0);
+ free (buf);
/* Now output the date. */
ym = strchr (prvers->date, '.');
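Review bot: The allocation size `strlen (prvers->version) + 24` is a bare constant whose correctness depends on the format string on the next line, and nothing ties the two together. By my count the worst case for `"%-12s (%-8.8s "` is max(12, strlen(version)) + 2 + 8 + 1 plus the terminating NUL, so 24 is sufficient, but only while the `%-8.8s` precision on the author field stays. A comment like `/* 12 pad + " (" + 8 author + ' ' + NUL = 24; author is capped by %-8.8s */` would protect it. The buffer is also allocated and freed once per output line inside the `for` loop shown in the previous hunk (`char *buf;`); one buffer grown outside the loop would avoid that. RCS_deltas starts and ends outside both hunks.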
diff --git a/sys/conf/newvers.sh b/sys/conf/newvers.sh
index 2e61675a1c65..6c0d8b4fcb0f 100644
--- a/sys/conf/newvers.sh
+++ b/sys/conf/newvers.sh
@@ -36,7 +36,7 @@
TYPE="FreeBSD"
REVISION="4.9"
-BRANCH="RELEASE-p15"
+BRANCH="RELEASE-p16"
RELEASE="${REVISION}-${BRANCH}"
VERSION="${TYPE} ${RELEASE}"