
01/01: gnu: xboing: Fix CVE-2004-0149.


From: Efraim Flashner
Subject: 01/01: gnu: xboing: Fix CVE-2004-0149.
Date: Thu, 21 Dec 2017 02:05:13 -0500 (EST)

efraim pushed a commit to branch master
in repository guix.

commit 417f3d494f6b7febd086ae064e67646b7faee9ff
Author: Efraim Flashner <address@hidden>
Date:   Thu Dec 21 09:02:46 2017 +0200

    gnu: xboing: Fix CVE-2004-0149.
    
    * gnu/packages/patches/xboing-CVE-2004-0149: New file.
    * gnu/packages/games.scm (xboing)[source]: Add patch.
    * gnu/local.mk (dist_patch_DATA): Register it.
---
 gnu/local.mk                                    |   1 +
 gnu/packages/games.scm                          |   3 +-
 gnu/packages/patches/xboing-CVE-2004-0149.patch | 134 ++++++++++++++++++++++++
 3 files changed, 137 insertions(+), 1 deletion(-)

diff --git a/gnu/local.mk b/gnu/local.mk
index 8ffcc58..88e3c77 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1141,6 +1141,7 @@ dist_patch_DATA =                                         
\
   %D%/packages/patches/wpa-supplicant-fix-zeroed-keys.patch    \
   %D%/packages/patches/wpa-supplicant-fix-nonce-reuse.patch    \
   %D%/packages/patches/wpa-supplicant-krack-followups.patch    \
+  %D%/packages/patches/xboing-CVE-2004-0149.patch              \
   %D%/packages/patches/xcb-proto-python3-print.patch           \
   %D%/packages/patches/xcb-proto-python3-whitespace.patch      \
   %D%/packages/patches/xdotool-fix-makefile.patch               \
diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm
index cc21a63..c494d0b 100644
--- a/gnu/packages/games.scm
+++ b/gnu/packages/games.scm
@@ -1071,7 +1071,8 @@ Portable Game Notation.")
        (uri (string-append "http://www.techrescue.org/xboing/xboing";
                            version ".tar.gz"))
        (sha256
-        (base32 "16m2si8wmshxpifk861vhpqviqxgcg8bxj6wfw8hpnm4r2w9q0b7"))))
+        (base32 "16m2si8wmshxpifk861vhpqviqxgcg8bxj6wfw8hpnm4r2w9q0b7"))
+       (patches (search-patches "xboing-CVE-2004-0149.patch"))))
     (arguments
      `(#:tests? #f
        #:phases
diff --git a/gnu/packages/patches/xboing-CVE-2004-0149.patch 
b/gnu/packages/patches/xboing-CVE-2004-0149.patch
new file mode 100644
index 0000000..b40146b
--- /dev/null
+++ b/gnu/packages/patches/xboing-CVE-2004-0149.patch
@@ -0,0 +1,134 @@
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0149
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=174924
+---
+ demo.c      |  2 +-
+ editor.c    | 12 ++++++------
+ file.c      |  2 +-
+ highscore.c |  6 +++---
+ misc.c      |  2 +-
+ preview.c   |  2 +-
+ 6 files changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/demo.c b/demo.c
+index 9084e70..f4fc2cd 100644
+--- a/demo.c
++++ b/demo.c
+@@ -154,7 +154,7 @@ static void DoBlocks(display, window)
+ 
+     /* Construct the demo level filename */
+     if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+-        sprintf(levelPath, "%s/demo.data", str);
++        snprintf(levelPath, sizeof(levelPath),"%s/demo.data", str);
+     else
+         sprintf(levelPath, "%s/demo.data", LEVEL_INSTALL_DIR);
+ 
+diff --git a/editor.c b/editor.c
+index f2bb9ed..66d0679 100644
+--- a/editor.c
++++ b/editor.c
+@@ -213,7 +213,7 @@ static void DoLoadLevel(display, window)
+ 
+     /* Construct the Edit level filename */
+     if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+-        sprintf(levelPath, "%s/editor.data", str);
++        snprintf(levelPath,sizeof(levelPath)-1, "%s/editor.data", str);
+     else
+         sprintf(levelPath, "%s/editor.data", LEVEL_INSTALL_DIR);
+ 
+@@ -958,8 +958,8 @@ static void LoadALevel(display)
+     if ((num > 0) && (num <= MAX_NUM_LEVELS))
+     {
+           /* Construct the Edit level filename */
+-              if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
+-              sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num);
++        if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
++            snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", 
str2, (u_long) num);
+       else
+               sprintf(levelPath, "%s/level%02ld.data", 
+                               LEVEL_INSTALL_DIR, (u_long) num);
+@@ -1017,9 +1017,9 @@ static void SaveALevel(display)
+     num = atoi(str);
+     if ((num > 0) && (num <= MAX_NUM_LEVELS))
+     {
+-          /* Construct the Edit level filename */
+-              if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
+-              sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num);
++        /* Construct the Edit level filename */
++        if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
++            snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", 
str2, (u_long) num);
+       else
+               sprintf(levelPath, "%s/level%02ld.data", 
+                               LEVEL_INSTALL_DIR, (u_long) num);
+diff --git a/file.c b/file.c
+index 4c043cd..99a0854 100644
+--- a/file.c
++++ b/file.c
+@@ -139,7 +139,7 @@ void SetupStage(display, window)
+ 
+     /* Construct the level filename */
+     if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+-        sprintf(levelPath, "%s/level%02ld.data", str, newLevel);
++        snprintf(levelPath,sizeof(levelPath), "%s/level%02ld.data", str, 
newLevel);
+     else
+         sprintf(levelPath, "%s/level%02ld.data", LEVEL_INSTALL_DIR, newLevel);
+ 
+diff --git a/highscore.c b/highscore.c
+index f0db3e9..792273e 100644
+--- a/highscore.c
++++ b/highscore.c
+@@ -1023,7 +1023,7 @@ int ReadHighScoreTable(type)
+       {
+               /* Use the environment variable if it exists */
+               if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+-                      strcpy(filename, str);
++            strncpy(filename, str, sizeof(filename)-1);
+               else
+                       strcpy(filename, HIGH_SCORE_FILE);
+       }
+@@ -1095,7 +1095,7 @@ int WriteHighScoreTable(type)
+       {
+               /* Use the environment variable if it exists */
+               if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+-                      strcpy(filename, str);
++            strncpy(filename, str, sizeof(filename)-1);
+               else
+                       strcpy(filename, HIGH_SCORE_FILE);
+       }       
+@@ -1218,7 +1218,7 @@ static int LockUnlock(cmd)
+ 
+       /* Use the environment variable if it exists */
+       if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+-              strcpy(filename, str);
++        strncpy(filename, str, sizeof(filename)-1);
+       else
+               strcpy(filename, HIGH_SCORE_FILE);
+ 
+diff --git a/misc.c b/misc.c
+index f3ab37e..7f3ddce 100644
+--- a/misc.c
++++ b/misc.c
+@@ -427,7 +427,7 @@ char *GetHomeDir()
+      */
+ 
+     if ((ptr = getenv("HOME")) != NULL)
+-        (void) strcpy(dest, ptr);
++        (void) strncpy(dest, ptr,sizeof(dest)-1);
+     else
+     {
+         /* HOME variable is not present so get USER var */
+diff --git a/preview.c b/preview.c
+index 41c1187..687f566 100644
+--- a/preview.c
++++ b/preview.c
+@@ -139,7 +139,7 @@ static void DoLoadLevel(display, window)
+ 
+     /* Construct the Preview level filename */
+     if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+-        sprintf(levelPath, "%s/level%02d.data", str, lnum);
++        snprintf(levelPath, sizeof(levelPath)-1, "%s/level%02d.data", str, 
lnum);
+     else
+         sprintf(levelPath, "%s/level%02d.data", LEVEL_INSTALL_DIR, lnum);
+ 
+-- 
+2.15.1
+
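Review bot: The `strncpy(filename, str, sizeof(filename)-1)` replacements in highscore.c (ReadHighScoreTable, WriteHighScoreTable, LockUnlock) and `strncpy(dest, ptr,sizeof(dest)-1)` in misc.c GetHomeDir bound the copy but do not terminate it: when the environment value is `sizeof - 1` bytes or longer, strncpy writes no NUL, so the buffer is a valid string only if its last byte was already zero, which nothing in these hunks establishes. Follow each call with `filename[sizeof(filename)-1] = '\0';` (likewise for `dest`), or use `snprintf(filename, sizeof(filename), "%s", str);` as the level-path hunks do. The declarations and the rest of these function bodies are outside the hunks, so it is also worth confirming that `dest` is an array rather than a pointer, since `sizeof(dest)` would otherwise be the pointer size. Separately, the new snprintf calls truncate silently; comparing the return value with `sizeof(levelPath)` and refusing to continue on overflow would avoid opening a truncated path the user did not name.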


