head 1.7; access; symbols OPENPKG_E1_MP_HEAD:1.7 OPENPKG_E1_MP:1.7 OPENPKG_E1_MP_2_STABLE:1.6.6.1 OPENPKG_E1_FP:1.6.6.1 OPENPKG_2_STABLE_MP:1.7 OPENPKG_2_STABLE_20061018:1.6.6.1 OPENPKG_2_STABLE_20060622:1.6 OPENPKG_2_STABLE:1.6.0.6 OPENPKG_2_STABLE_BP:1.6 OPENPKG_2_5_RELEASE:1.6 OPENPKG_2_5_SOLID:1.6.0.4 OPENPKG_2_5_SOLID_BP:1.6 OPENPKG_2_4_RELEASE:1.6 OPENPKG_2_4_SOLID:1.6.0.2 OPENPKG_2_4_SOLID_BP:1.6 OPENPKG_CW_FP:1.6 OPENPKG_2_3_RELEASE:1.5 OPENPKG_2_3_SOLID:1.5.0.6 OPENPKG_2_3_SOLID_BP:1.5 OPENPKG_2_2_RELEASE:1.5 OPENPKG_2_2_SOLID:1.5.0.4 OPENPKG_2_2_SOLID_BP:1.5 OPENPKG_2_1_RELEASE:1.5 OPENPKG_2_1_SOLID:1.5.0.2 OPENPKG_2_1_SOLID_BP:1.5 OPENPKG_2_0_RELEASE:1.4 OPENPKG_2_0_SOLID:1.4.0.2 OPENPKG_2_0_SOLID_BP:1.4 OPENPKG_1_3_RELEASE:1.3.2.1 OPENPKG_1_3_SOLID:1.3.2.1.0.2 OPENPKG_1_3_SOLID_BP:1.3.2.1 OPENPKG_1_STABLE_MP:1.3 OPENPKG_1_1_SOLID:1.3.0.6 OPENPKG_1_2_SOLID:1.3.0.4 OPENPKG_1_STABLE:1.3.0.2; locks; strict; comment @# @; 1.7 date 2006.07.02.13.37.43; author cs; state Exp; branches; next 1.6; commitid h89HdtwCfm1b1iDr; 1.6 date 2005.03.11.21.19.32; author rse; state Exp; branches 1.6.6.1; next 1.5; 1.5 date 2004.05.23.07.05.16; author rse; state Exp; branches; next 1.4; 1.4 date 2003.10.30.13.40.53; author ms; state Exp; branches; next 1.3; 1.3 date 2003.07.10.09.54.30; author thl; state Exp; branches 1.3.2.1 1.3.4.1 1.3.6.1; next 1.2; 1.2 date 2003.07.10.09.11.05; author rse; state Exp; branches; next 1.1; 1.1 date 2003.03.06.21.23.50; author ms; state Exp; branches; next ; 1.6.6.1 date 2006.10.16.14.51.15; author rse; state Exp; branches; next ; commitid iZxwRSmmWscPXUQr; 1.3.2.1 date 2003.07.10.09.58.30; author thl; state Exp; branches; next ; 1.3.4.1 date 2003.07.10.10.04.45; author thl; state Exp; branches; next ; 1.3.6.1 date 2003.07.10.10.10.48; author thl; state Exp; branches; next ; desc @@ 1.7 log @upgrading package: infozip 2.31.5.52 -> 2.32.5.52 @ text @--- zip-2.32/unix/configure 2006-02-18 06:58:56 +0100 +++ zip-2.32/unix/configure 2006-07-02 15:31:34 +0200 @@@@ -50,15 +50,9 @@@@ fi echo Check for the C preprocessor -# on SVR4, cc -E does not produce correct assembler files. Need /lib/cpp. -CPP="${CC} -E" -# solaris as(1) needs -P, maybe others as well ? -[ -f /usr/ccs/lib/cpp ] && CPP="/usr/ccs/lib/cpp -P" -[ -f /usr/lib/cpp ] && CPP=/usr/lib/cpp -[ -f /lib/cpp ] && CPP=/lib/cpp -[ -f /usr/bin/cpp ] && CPP=/usr/bin/cpp -[ -f /xenix ] && CPP="${CC} -E" -[ -f /lynx.os ] && CPP="${CC} -E" +# use the OpenPKG GCC cpp binary unconditionally, +# because on some platforms, the native one is broken +CPP="@@l_cpp@@" echo "#include " > conftest.c $CPP conftest.c >/dev/null 2>/dev/null || CPP="${CC} -E" @@@@ -74,7 +68,7 @@@@ echo "int foo() { return 0;}" > conftest.c $CC -c conftest.c >/dev/null 2>/dev/null echo Check if compiler generates underlines - nm conftest.o | grep "(^|[^_])foo" >/dev/null 2>/dev/null + nm conftest.o | grep "[^_]foo" >/dev/null 2>/dev/null [ $? -eq 0 ] && CPP="${CPP} -DNO_UNDERLINE" if eval "$CPP crc_i386.S > _crc_i386.s 2>/dev/null"; then if eval "$CC -c _crc_i386.s >/dev/null 2>/dev/null" && [ -f _crc_i386.o ] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0282 Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. @ 1.6 log @upgrading package: infozip 2.3.5.52 -> 2.31.5.52 @ text @d1 4 a4 4 --- zip-2.31/unix/configure 1999-04-27 21:49:05.000000000 +0200 +++ zip-2.31/unix/configure 2003-03-06 21:46:09.399540000 +0100 @@@@ -17,15 +17,9 @@@@ LN="ln -s" d20 3 a22 3 echo Check if we can use asm code OBJA="" @@@@ -38,7 +38,7 @@@@ @ 1.6.6.1 log @Mass merge from CURRENT to 2-STABLE (all packages except those of JUNK class) @ text @d1 4 a4 4 --- zip-2.32/unix/configure 2006-02-18 06:58:56 +0100 +++ zip-2.32/unix/configure 2006-07-02 15:31:34 +0200 @@@@ -50,15 +50,9 @@@@ fi d20 3 a22 3 echo "#include " > conftest.c $CPP conftest.c >/dev/null 2>/dev/null || CPP="${CC} -E" @@@@ -74,7 +68,7 @@@@ @ 1.5 log @upgrading package: infozip 2.3.5.50 -> 2.3.5.51 @ text @d1 2 a2 2 --- zip-2.3/unix/configure 1999-04-27 21:49:05.000000000 +0200 +++ zip-2.3/unix/configure 2003-03-06 21:46:09.399540000 +0100 @ 1.4 log @Do not depend anymore on the native CPP and use the OpenPKG GCC package's CPP instead @ text @a36 81 --- unzip-5.50/unix/unix.c.orig 2002-01-21 17:54:42.000000000 -0500 +++ unzip-5.50/unix/unix.c 2003-06-11 18:35:38.000000000 -0400 @@@@ -421,7 +421,8 @@@@ */ { char pathcomp[FILNAMSIZ]; /* path-component buffer */ - char *pp, *cp=(char *)NULL; /* character pointers */ + char *pp, *cp=(char *)NULL, /* character pointers */ + *dp=(char *)NULL; char *lastsemi=(char *)NULL; /* pointer to last semi-colon in pathcomp */ #ifdef ACORN_FTYPE_NFS char *lastcomma=(char *)NULL; /* pointer to last comma in pathcomp */ @@@@ -429,6 +430,7 @@@@ #endif int quote = FALSE; /* flags */ int killed_ddot = FALSE; /* is set when skipping "../" pathcomp */ + int snarf_ddot = FALSE; /* Is set while scanning for "../" */ int error = MPN_OK; register unsigned workch; /* hold the character being tested */ @@@@ -467,6 +469,9 @@@@ while ((workch = (uch)*cp++) != 0) { if (quote) { /* if character quoted, */ + if ((pp == pathcomp) && (workch == '.')) + /* Oh no you don't... */ + goto ddot_hack; *pp++ = (char)workch; /* include it literally */ quote = FALSE; } else @@@@ -481,15 +486,44 @@@@ break; case '.': - if (pp == pathcomp) { /* nothing appended yet... */ + if (pp == pathcomp) { +ddot_hack: + /* nothing appended yet... */ if (*cp == '/') { /* don't bother appending "./" to */ ++cp; /* the path: skip behind the '/' */ break; - } else if (!uO.ddotflag && *cp == '.' && cp[1] == '/') { - /* "../" dir traversal detected */ - cp += 2; /* skip over behind the '/' */ - killed_ddot = TRUE; /* set "show message" flag */ - break; + } else if (!uO.ddotflag) { + + /* + * SECURITY: Skip past control characters if the user + * didn't OK use of absolute pathnames. lhh - this is + * a very quick, ugly, inefficient fix. + */ + dp = cp; + do { + workch = (uch)(*dp); + if (workch == '/' && snarf_ddot) { + /* "../" dir traversal detected */ + cp = dp + 1; /* skip past the '/' */ + killed_ddot = TRUE; /* set "show msg" flag */ + break; + } else if (workch == '.' && !snarf_ddot) { + snarf_ddot = TRUE; + } else if (isprint(workch) || + ((workch > 127) && (workch <= 254))) { + /* + * Since we found a printable, non-ctrl char, + * we can stop looking for '../', the amount + * in ../! + */ + break; + } + + dp++; + } while (*dp != 0); + + if (killed_ddot) + break; } } *pp++ = '.'; @ 1.3 log @SA-2003.033-infozip; CAN-2003-0282 @ text @d3 19 @ 1.3.6.1 log @MFS: SA-2003.033-infozip; CAN-2003-0282 @ text @@ 1.3.4.1 log @MFS: SA-2003.033-infozip; CAN-2003-0282 @ text @@ 1.3.2.1 log @MFC: SA-2003.033-infozip; CAN-2003-0282 @ text @@ 1.2 log @fix version; fix patching @ text @d12 87 @ 1.1 log @upgrading package: infozip 20020419 -> 20030306 @ text @d1 2 a2 3 diff -Naur infozip-20020419.orig/zip-2.3/unix/configure infozip-20020419/zip-2.3/unix/configure --- infozip-20020419.orig/zip-2.3/unix/configure 1999-04-27 21:49:05.000000000 +0200 +++ infozip-20020419/zip-2.3/unix/configure 2003-03-06 21:46:09.399540000 +0100 @