diff options
Diffstat (limited to 'patches/source/slocate')
| -rw-r--r-- | patches/source/slocate/slack-desc | 19 | ||||
| -rw-r--r-- | patches/source/slocate/slocate-3.1.tar.gz.sign | 7 | ||||
| -rw-r--r-- | patches/source/slocate/slocate.CVE-2007-0277.diff | 42 | ||||
| -rwxr-xr-x | patches/source/slocate/slocate.SlackBuild | 90 | ||||
| -rw-r--r-- | patches/source/slocate/slocate.bigfile.diff | 33 |
5 files changed, 191 insertions, 0 deletions
diff --git a/patches/source/slocate/slack-desc b/patches/source/slocate/slack-desc new file mode 100644 index 000000000..22ec56cc8 --- /dev/null +++ b/patches/source/slocate/slack-desc @@ -0,0 +1,19 @@ +# HOW TO EDIT THIS FILE: +# The "handy ruler" below makes it easier to edit a package description. Line +# up the first '|' above the ':' following the base package name, and the '|' on +# the right side marks the last column you can put a character in. You must make +# exactly 11 lines for the formatting to be correct. It's also customary to +# leave one space after the ':'. + + |-----handy-ruler------------------------------------------------------| +slocate: slocate (Secure Locate) +slocate: +slocate: Slocate is an enhanced version of locate, a command to help you locate +slocate: files on the system. Like the original version of locate, Slocate +slocate: maintains a database of files on the system, updating it nightly. +slocate: Unlike the original, Slocate indexes every file on the machine rather +slocate: than only the ones that can be seen by everyone. The "secure" part of +slocate: slocate is that it will only return matches if the user is allowed to +slocate: see the files. +slocate: +slocate: diff --git a/patches/source/slocate/slocate-3.1.tar.gz.sign b/patches/source/slocate/slocate-3.1.tar.gz.sign new file mode 100644 index 000000000..91b982425 --- /dev/null +++ b/patches/source/slocate/slocate-3.1.tar.gz.sign @@ -0,0 +1,7 @@ +-----BEGIN PGP SIGNATURE----- +Version: GnuPG v1.4.2 (GNU/Linux) + +iD8DBQBEDmWkUZpV8HRsUfQRAnLeAJ0cBuIYvy+3GSTdm+sfQ7XYbNWuwgCgj+pZ +RKdGZfMmcuFGoBO39sCX/64= +=K/rW +-----END PGP SIGNATURE----- diff --git a/patches/source/slocate/slocate.CVE-2007-0277.diff b/patches/source/slocate/slocate.CVE-2007-0277.diff new file mode 100644 index 000000000..4f109922f --- /dev/null +++ b/patches/source/slocate/slocate.CVE-2007-0277.diff @@ -0,0 +1,42 @@ +--- slocate-3.1.orig/src/utils.c ++++ slocate-3.1/src/utils.c +@@ -524,6 +524,7 @@ + { + struct stat path_stat; + int ret = 0; ++ char *path_copy = NULL; + char *ptr = NULL; + + if (lstat(path, &path_stat) == -1) +@@ -532,15 +533,25 @@ + if (!S_ISLNK(path_stat.st_mode)) { + if (access(path, F_OK) != 0) + goto EXIT; +- } else if ((ptr = rindex(path, '/'))) { +- *ptr = 0; +- if (access(path, F_OK) == 0) +- ret = 1; +- *ptr = '/'; +- goto EXIT; + } + ++ /* "path" is const, so we shouldn't modify it. Also, for speed, ++ * I suspect strdup/free is less expensive than the deep access ++ * checks... */ ++ if (!(path_copy = strdup(path))) ++ goto EXIT; ++ + ret = 1; ++ ++ /* Each directory leading to the file (symlink or not) must be ++ * readable for us to allow it to be listed in search results. */ ++ while (ret && (ptr=rindex(path_copy,'/'))) { ++ *ptr=0; ++ if (*path_copy && access(path_copy, R_OK) != 0) ++ ret = 0; ++ } ++ free(path_copy); ++ + EXIT: + return ret; + } diff --git a/patches/source/slocate/slocate.SlackBuild b/patches/source/slocate/slocate.SlackBuild new file mode 100755 index 000000000..3c3e84949 --- /dev/null +++ b/patches/source/slocate/slocate.SlackBuild @@ -0,0 +1,90 @@ +#!/bin/sh + +# Copyright 2008, 2009, 2010, 2012 Patrick J. Volkerding, Sebeka, Minnesota, USA +# All rights reserved. +# +# Redistribution and use of this script, with or without modification, is +# permitted provided that the following conditions are met: +# +# 1. Redistributions of this script must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED +# WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF +# MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO +# EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +# PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +# OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +# OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +# ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + +VERSION=3.1 +BUILD=${BUILD:-4_slack13.0} + +# Automatically determine the architecture we're building on: +if [ -z "$ARCH" ]; then + case "$( uname -m )" in + i?86) export ARCH=i486 ;; + arm*) export ARCH=arm ;; + # Unless $ARCH is already set, use uname -m for all other archs: + *) export ARCH=$( uname -m ) ;; + esac +fi + +CWD=$(pwd) +TMP=${TMP:-/tmp} +PKG=$TMP/package-slocate + +if [ "$ARCH" = "i486" ]; then + SLKCFLAGS="-O2 -march=i486 -mtune=i686" +elif [ "$ARCH" = "s390" ]; then + SLKCFLAGS="-O2" +elif [ "$ARCH" = "x86_64" ]; then + SLKCFLAGS="-O2 -fPIC" +fi + +rm -rf $PKG +mkdir -p $TMP $PKG + +# Explode the package framework: +cd $PKG +explodepkg $CWD/_slocate.tar.gz + +cd $TMP +rm -rf slocate-$VERSION +tar xzvf $CWD/slocate-$VERSION.tar.gz || exit 1 +cd slocate-$VERSION || exit 1 + +zcat $CWD/slocate.bigfile.diff.gz | patch -p0 --verbose || exit 1 +zcat $CWD/slocate.CVE-2007-0277.diff.gz | patch -p1 --verbose || exit 1 + +chown -R root:root . +find . \ + \( -perm 777 -o -perm 775 -o -perm 750 -o -perm 2750 -o -perm 711 -o -perm 555 -o -perm 511 \) \ + -exec chmod 755 {} \; -o \ + \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \ + -exec chmod 644 {} \; + +cd src +make CFLAGS="$SLKCFLAGS -D_LARGEFILE64_SOURCE" || exit 1 +cd .. +strip --strip-unneeded src/slocate +mkdir -p $PKG/usr/bin +cat src/slocate > $PKG/usr/bin/slocate +mkdir -p $PKG/usr/man/man1 +cat doc/slocate.1 | gzip -9c > $PKG/usr/man/man1/slocate.1.gz +cat doc/updatedb.1 | gzip -9c > $PKG/usr/man/man1/updatedb.1.gz +mkdir -p $PKG/usr/doc/slocate-$VERSION +cp -a \ + Changelog LICENSE README WISHLIST \ + $PKG/usr/doc/slocate-$VERSION +mkdir -p $PKG/install +cat $CWD/slack-desc > $PKG/install/slack-desc + +# Build the package: +cd $PKG +makepkg -l y -c n $TMP/slocate-$VERSION-$ARCH-$BUILD.txz + diff --git a/patches/source/slocate/slocate.bigfile.diff b/patches/source/slocate/slocate.bigfile.diff new file mode 100644 index 000000000..6ccd1202e --- /dev/null +++ b/patches/source/slocate/slocate.bigfile.diff @@ -0,0 +1,33 @@ +Fix 2GB limitation - brought to you by mancha + +--- src/utils.c.orig 2012-08-25 ++++ src/utils.c 2012-08-25 +@@ -284,12 +284,12 @@ int + verify_slocate_db(struct g_data_s *g_data, char *file) + { + char ch[1]; +- struct stat tf_stat; ++ struct stat64 tf_stat; + int bytes = 0; + int fd = -1; + + if (access(file, W_OK | R_OK) == 0) { +- if (lstat(file, &tf_stat) == -1) { ++ if (lstat64(file, &tf_stat) == -1) { + if (!report_error(g_data, FATAL, "get_temp_file: fstat(): %s: %s\n", file, strerror(errno))) + goto EXIT; + +@@ -522,11 +522,11 @@ EXIT: + * to check them separately */ + int verify_access(const char *path) + { +- struct stat path_stat; ++ struct stat64 path_stat; + int ret = 0; + char *ptr = NULL; + +- if (lstat(path, &path_stat) == -1) ++ if (lstat64(path, &path_stat) == -1) + goto EXIT; + + if (!S_ISLNK(path_stat.st_mode)) { |