ports/103810: [fix] devel/gsoap: buffer overrun in version 2.7.8c
Simun Mikecin
numisemis at yahoo.com
Fri Sep 29 12:40:14 UTC 2006
>Number: 103810
>Category: ports
>Synopsis: [fix] devel/gsoap: buffer overrun in version 2.7.8c
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Sep 29 12:40:12 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator: Simun Mikecin
>Release: FreeBSD 5.2.1-RELEASE-p9 i386
>Organization:
>Environment:
System: FreeBSD mail.logos.hr 5.2.1-RELEASE-p9 FreeBSD 5.2.1-RELEASE-p9 #1: Mon Jul 26 14:07:00 CEST 2004 root at mail.logos.hr:/usr/obj/usr/src.5.2.1-R/sys/MAIL i386
>Description:
There is a buffer overrun by one byte in stdsoap2.c and stdsoap2.cpp. See:
http://sourceforge.net/tracker/index.php?func=detail&aid=1534483&group_id=52781&atid=468021
>How-To-Repeat:
>Fix:
diff -urN gsoap.orig/Makefile gsoap/Makefile
--- gsoap.orig/Makefile Sat Aug 12 11:28:02 2006
+++ gsoap/Makefile Fri Sep 29 14:20:16 2006
@@ -7,7 +7,7 @@
PORTNAME= gsoap
PORTVERSION= 2.7.8c
-PORTREVISION= 2
+PORTREVISION= 3
CATEGORIES= devel
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE}
MASTER_SITE_SUBDIR= gsoap2
diff -urN gsoap.orig/files/patch-soapcpp2-stdsoap2.c gsoap/files/patch-soapcpp2-stdsoap2.c
--- gsoap.orig/files/patch-soapcpp2-stdsoap2.c Fri May 19 23:15:26 2006
+++ gsoap/files/patch-soapcpp2-stdsoap2.c Fri Sep 29 14:23:37 2006
@@ -1,6 +1,6 @@
---- soapcpp2/stdsoap2.c.orig Sat May 20 00:20:40 2006
-+++ soapcpp2/stdsoap2.c Sat May 20 00:58:33 2006
-@@ -3251,7 +3251,7 @@
+--- soapcpp2/stdsoap2.c.orig Mon Jun 26 21:36:38 2006
++++ soapcpp2/stdsoap2.c Fri Sep 29 14:22:51 2006
+@@ -3282,7 +3282,7 @@
soap->errnum = h_errno;
}
#elif defined(HAVE_GETHOSTBYNAME_R)
@@ -9,3 +9,12 @@
#elif defined(VXWORKS)
/* If the DNS resolver library resolvLib has been configured in the vxWorks
* image, a query for the host IP address is sent to the DNS server, if the
+@@ -7616,7 +7616,7 @@
+ break;
+ }
+ if (!tp)
+- { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf));
++ { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf) + 1);
+ if (!tp)
+ return soap->error = SOAP_EOM;
+ strcpy(tp->name, soap->tmpbuf);
diff -urN gsoap.orig/files/patch-soapcpp2-stdsoap2.cpp gsoap/files/patch-soapcpp2-stdsoap2.cpp
--- gsoap.orig/files/patch-soapcpp2-stdsoap2.cpp Sun Aug 6 20:41:40 2006
+++ gsoap/files/patch-soapcpp2-stdsoap2.cpp Fri Sep 29 14:23:45 2006
@@ -1,5 +1,5 @@
---- soapcpp2/stdsoap2.cpp.orig Mon Jun 26 23:36:38 2006
-+++ soapcpp2/stdsoap2.cpp Sat Aug 5 12:18:51 2006
+--- soapcpp2/stdsoap2.c.orig Mon Jun 26 21:36:38 2006
++++ soapcpp2/stdsoap2.cpp Fri Sep 29 14:22:34 2006
@@ -3282,7 +3282,7 @@
soap->errnum = h_errno;
}
@@ -18,3 +18,12 @@
for (j = 0; j < sk_CONF_VALUE_num(val); j++)
{ CONF_VALUE *nval = sk_CONF_VALUE_value(val, j);
if (nval && !strcmp(nval->name, "DNS") && !strcmp(nval->value, host))
+@@ -7616,7 +7616,7 @@
+ break;
+ }
+ if (!tp)
+- { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf));
++ { tp = (struct soap_attribute*)SOAP_MALLOC(soap, sizeof(struct soap_attribute) + strlen(soap->tmpbuf) + 1);
+ if (!tp)
+ return soap->error = SOAP_EOM;
+ strcpy(tp->name, soap->tmpbuf);
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list