Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_151240538428410"
MIME-Version: 1.0
Date: Mon, 4 Dec 2017 16:36:24 +0000
From: "Maya Rashish" <maya@netbsd.org>
Subject: CVS commit: pkgsrc/devel/at-spi2-core
To: pkgsrc-changes@NetBSD.org
Reply-To: maya@netbsd.org
Message-Id: <20171204163624.E0007FB40@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
Precedence: bulk

This is a multi-part message in MIME format.

--_----------=_151240538428410
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	maya
Date:		Mon Dec  4 16:36:24 UTC 2017

Modified Files:
	pkgsrc/devel/at-spi2-core: Makefile distinfo
Added Files:
	pkgsrc/devel/at-spi2-core/patches: patch-bus_at-spi-bus-launcher.c

Log Message:
at-spi2-core: fix inverted logic that might lead to buffer overflow
(merged upstream).

bump PKGREVISION


To generate a diff of this commit:
cvs rdiff -u -r1.26 -r1.27 pkgsrc/devel/at-spi2-core/Makefile
cvs rdiff -u -r1.22 -r1.23 pkgsrc/devel/at-spi2-core/distinfo
cvs rdiff -u -r0 -r1.1 \
    pkgsrc/devel/at-spi2-core/patches/patch-bus_at-spi-bus-launcher.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_151240538428410
Content-Disposition: inline
Content-Length: 2403
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/devel/at-spi2-core/Makefile
diff -u pkgsrc/devel/at-spi2-core/Makefile:1.26 pkgsrc/devel/at-spi2-core/Makefile:1.27
--- pkgsrc/devel/at-spi2-core/Makefile:1.26	Thu Nov 23 15:16:39 2017
+++ pkgsrc/devel/at-spi2-core/Makefile	Mon Dec  4 16:36:24 2017
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.26 2017/11/23 15:16:39 wiz Exp $
+# $NetBSD: Makefile,v 1.27 2017/12/04 16:36:24 maya Exp $
 
 DISTNAME=	at-spi2-core-2.26.2
+PKGREVISION=	1
 CATEGORIES=	devel gnome
 MASTER_SITES=	${MASTER_SITE_GNOME:=sources/at-spi2-core/${PKGVERSION_NOREV:R}/}
 EXTRACT_SUFX=	.tar.xz

Index: pkgsrc/devel/at-spi2-core/distinfo
diff -u pkgsrc/devel/at-spi2-core/distinfo:1.22 pkgsrc/devel/at-spi2-core/distinfo:1.23
--- pkgsrc/devel/at-spi2-core/distinfo:1.22	Thu Nov 23 15:16:39 2017
+++ pkgsrc/devel/at-spi2-core/distinfo	Mon Dec  4 16:36:24 2017
@@ -1,6 +1,7 @@
-$NetBSD: distinfo,v 1.22 2017/11/23 15:16:39 wiz Exp $
+$NetBSD: distinfo,v 1.23 2017/12/04 16:36:24 maya Exp $
 
 SHA1 (at-spi2-core-2.26.2.tar.xz) = 1c39d66c1ca02005abff884fdab0ab510311d018
 RMD160 (at-spi2-core-2.26.2.tar.xz) = 8b4da05431a7c764701a36d8be4753ff0dc17574
 SHA512 (at-spi2-core-2.26.2.tar.xz) = 6a8e158e30c37ce475467b6634aff046a318875271966d7bfa3e56052d0cd26cd37435d0b9ae14f079542b8b3e76088da5bd50ed39eb39f3f40394c55ed3f255
 Size (at-spi2-core-2.26.2.tar.xz) = 494484 bytes
+SHA1 (patch-bus_at-spi-bus-launcher.c) = f897928b6b032c729c409ccecc9d8088b45bca5a

Added files:

Index: pkgsrc/devel/at-spi2-core/patches/patch-bus_at-spi-bus-launcher.c
diff -u /dev/null pkgsrc/devel/at-spi2-core/patches/patch-bus_at-spi-bus-launcher.c:1.1
--- /dev/null	Mon Dec  4 16:36:24 2017
+++ pkgsrc/devel/at-spi2-core/patches/patch-bus_at-spi-bus-launcher.c	Mon Dec  4 16:36:24 2017
@@ -0,0 +1,16 @@
+$NetBSD: patch-bus_at-spi-bus-launcher.c,v 1.1 2017/12/04 16:36:24 maya Exp $
+
+Fix inverted logic. Don't write to a buffer more than it can hold.
+https://bugzilla.gnome.org/show_bug.cgi?id=791124
+
+--- bus/at-spi-bus-launcher.c.orig	2017-06-20 17:27:11.000000000 +0000
++++ bus/at-spi-bus-launcher.c
+@@ -244,7 +244,7 @@ unix_read_all_fd_to_string (int      fd,
+ {
+   ssize_t bytes_read;
+ 
+-  while (max_bytes > 1 && (bytes_read = read (fd, buf, MAX (4096, max_bytes - 1))))
++  while (max_bytes > 1 && (bytes_read = read (fd, buf, MIN (4096, max_bytes - 1))))
+     {
+       if (bytes_read < 0)
+         return FALSE;


--_----------=_151240538428410--