ports/103810: [fix] devel/gsoap: buffer overrun in version 2.7.8c

Simun Mikecin numisemis at yahoo.com
Fri Sep 29 12:40:14 UTC 2006


>Number:         103810
>Category:       ports
>Synopsis:       [fix] devel/gsoap: buffer overrun in version 2.7.8c
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Sep 29 12:40:12 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Simun Mikecin
>Release:        FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD mail.logos.hr 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #1: Mon Jul 26 14:07:00 CEST 2004 root at mail.logos.hr:/usr/obj/usr/src.5.2.1-R/sys/MAIL i386

>Description:
There is a buffer overrun by one byte in stdsoap2.c and stdsoap2.cpp. See:
http://sourceforge.net/tracker/index.php?func=detail&aid=1534483&group_id=52781&atid=468021
>How-To-Repeat:
>Fix:
diff -urN gsoap.orig/Makefile gsoap/Makefile
--- gsoap.orig/Makefile	Sat Aug 12 11:28:02 2006
+++ gsoap/Makefile	Fri Sep 29 14:20:16 2006
@@ -7,7 +7,7 @@
 
 PORTNAME=	gsoap
 PORTVERSION=	2.7.8c
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	devel
 MASTER_SITES=	${MASTER_SITE_SOURCEFORGE}
 MASTER_SITE_SUBDIR=	gsoap2
diff -urN gsoap.orig/files/patch-soapcpp2-stdsoap2.c gsoap/files/patch-soapcpp2-stdsoap2.c
--- gsoap.orig/files/patch-soapcpp2-stdsoap2.c	Fri May 19 23:15:26 2006
+++ gsoap/files/patch-soapcpp2-stdsoap2.c	Fri Sep 29 14:23:37 2006
@@ -1,6 +1,6 @@
---- soapcpp2/stdsoap2.c.orig	Sat May 20 00:20:40 2006
-+++ soapcpp2/stdsoap2.c	Sat May 20 00:58:33 2006
-@@ -3251,7 +3251,7 @@
+--- soapcpp2/stdsoap2.c.orig	Mon Jun 26 21:36:38 2006
++++ soapcpp2/stdsoap2.c	Fri Sep 29 14:22:51 2006
+@@ -3282,7 +3282,7 @@
      soap->errnum = h_errno;
    }
  #elif defined(HAVE_GETHOSTBYNAME_R)
@@ -9,3 +9,12 @@
  #elif defined(VXWORKS)
    /* If the DNS resolver library resolvLib has been configured in the vxWorks
     * image, a query for the host IP address is sent to the DNS server, if the
+@@ -7616,7 +7616,7 @@
+         break;
+     }
+     if (!tp)
+-    { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf));
++    { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf) + 1);
+       if (!tp)
+         return soap->error = SOAP_EOM;
+       strcpy(tp->name, soap->tmpbuf);
diff -urN gsoap.orig/files/patch-soapcpp2-stdsoap2.cpp gsoap/files/patch-soapcpp2-stdsoap2.cpp
--- gsoap.orig/files/patch-soapcpp2-stdsoap2.cpp	Sun Aug  6 20:41:40 2006
+++ gsoap/files/patch-soapcpp2-stdsoap2.cpp	Fri Sep 29 14:23:45 2006
@@ -1,5 +1,5 @@
---- soapcpp2/stdsoap2.cpp.orig	Mon Jun 26 23:36:38 2006
-+++ soapcpp2/stdsoap2.cpp	Sat Aug  5 12:18:51 2006
+--- soapcpp2/stdsoap2.c.orig	Mon Jun 26 21:36:38 2006
++++ soapcpp2/stdsoap2.cpp	Fri Sep 29 14:22:34 2006
 @@ -3282,7 +3282,7 @@
      soap->errnum = h_errno;
    }
@@ -18,3 +18,12 @@
              for (j = 0; j < sk_CONF_VALUE_num(val); j++)
              { CONF_VALUE *nval = sk_CONF_VALUE_value(val, j);
                if (nval && !strcmp(nval->name, "DNS") && !strcmp(nval->value, host))
+@@ -7616,7 +7616,7 @@
+         break;
+     }
+     if (!tp)
+-    { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf));
++    { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf) + 1);
+       if (!tp)
+         return soap->error = SOAP_EOM;
+       strcpy(tp->name, soap->tmpbuf);
>Release-Note:
>Audit-Trail:
>Unformatted:



More information about the freebsd-ports-bugs mailing list