webalizer: fix crashes Use memmove instead of memcpy with overlapping arguments. Patch from Adrian Immanuel Kiess in PR pkg/55809.diff -r1.72 -r1.73 pkgsrc/www/webalizer/Makefile
(bsiegert)
@@ -1,17 +1,18 @@ | @@ -1,17 +1,18 @@ | |||
1 | # $NetBSD: Makefile,v 1.72 2020/11/26 16:08:13 bsiegert Exp $ | 1 | # $NetBSD: Makefile,v 1.73 2021/02/20 14:37:23 bsiegert Exp $ | |
2 | 2 | |||
3 | DISTNAME= webalizer-2.23-08-src | 3 | DISTNAME= webalizer-2.23-08-src | |
4 | PKGNAME= webalizer-2.23.8 | 4 | PKGNAME= webalizer-2.23.8 | |
5 | PKGREVISION= 1 | |||
5 | CATEGORIES= www | 6 | CATEGORIES= www | |
6 | MASTER_SITES= ftp://ftp.mrunix.net/pub/webalizer/ | 7 | MASTER_SITES= ftp://ftp.mrunix.net/pub/webalizer/ | |
7 | EXTRACT_SUFX= .tar.bz2 | 8 | EXTRACT_SUFX= .tar.bz2 | |
8 | 9 | |||
9 | MAINTAINER= pkgsrc-users@NetBSD.org | 10 | MAINTAINER= pkgsrc-users@NetBSD.org | |
10 | HOMEPAGE= http://www.webalizer.org/ | 11 | HOMEPAGE= http://www.webalizer.org/ | |
11 | COMMENT= Web server log file analysis program | 12 | COMMENT= Web server log file analysis program | |
12 | 13 | |||
13 | WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} | 14 | WRKSRC= ${WRKDIR}/${DISTNAME:S/-src//} | |
14 | BDB_ACCEPTED= db4 db5 | 15 | BDB_ACCEPTED= db4 db5 | |
15 | GNU_CONFIGURE= yes | 16 | GNU_CONFIGURE= yes | |
16 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | 17 | CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFDIR} | |
17 | CONFIGURE_ARGS+= --enable-dns | 18 | CONFIGURE_ARGS+= --enable-dns |
@@ -1,13 +1,14 @@ | @@ -1,13 +1,14 @@ | |||
1 | $NetBSD: distinfo,v 1.17 2020/11/26 16:08:13 bsiegert Exp $ | 1 | $NetBSD: distinfo,v 1.18 2021/02/20 14:37:23 bsiegert Exp $ | |
2 | 2 | |||
3 | SHA1 (webalizer-2.23-08-src.tar.bz2) = 601d5b6557c9916a050544592f5bf9c2ad540f59 | 3 | SHA1 (webalizer-2.23-08-src.tar.bz2) = 601d5b6557c9916a050544592f5bf9c2ad540f59 | |
4 | RMD160 (webalizer-2.23-08-src.tar.bz2) = 6f1d2ca90d9a891c878e5edb220684869f9fd32c | 4 | RMD160 (webalizer-2.23-08-src.tar.bz2) = 6f1d2ca90d9a891c878e5edb220684869f9fd32c | |
5 | SHA512 (webalizer-2.23-08-src.tar.bz2) = 23fe6e3ef1c85aa527ffafef16c31c13ad8e1f9feb774557c07a5c8fd6c67986b98180ef16d6cebe62d59c5f7ca214b8292e94ce8f195fa0541de9c5438fb9bd | 5 | SHA512 (webalizer-2.23-08-src.tar.bz2) = 23fe6e3ef1c85aa527ffafef16c31c13ad8e1f9feb774557c07a5c8fd6c67986b98180ef16d6cebe62d59c5f7ca214b8292e94ce8f195fa0541de9c5438fb9bd | |
6 | Size (webalizer-2.23-08-src.tar.bz2) = 308090 bytes | 6 | Size (webalizer-2.23-08-src.tar.bz2) = 308090 bytes | |
7 | SHA1 (patch-ac) = f4885b334b3adb3f8523f959a89e6fe5f7f3b52f | 7 | SHA1 (patch-ac) = f4885b334b3adb3f8523f959a89e6fe5f7f3b52f | |
8 | SHA1 (patch-ad) = 7a296638b50341648ca70ad730c1e91282212dad | 8 | SHA1 (patch-ad) = 7a296638b50341648ca70ad730c1e91282212dad | |
9 | SHA1 (patch-ae) = ea0c444408cef1be4e69b837170bbbe9a7a5150e | 9 | SHA1 (patch-ae) = ea0c444408cef1be4e69b837170bbbe9a7a5150e | |
10 | SHA1 (patch-ba) = eadf9f9d22c89d441debd90b993846529fc872fd | 10 | SHA1 (patch-ba) = eadf9f9d22c89d441debd90b993846529fc872fd | |
11 | SHA1 (patch-bb) = d8a5f6f60f53d6de8fc24d3b1844a052be0ad69a | 11 | SHA1 (patch-bb) = d8a5f6f60f53d6de8fc24d3b1844a052be0ad69a | |
12 | SHA1 (patch-bc) = 98d263cfb585477798f620a6f3690680ce2759b6 | 12 | SHA1 (patch-bc) = 98d263cfb585477798f620a6f3690680ce2759b6 | |
13 | SHA1 (patch-bd) = 21f074725a85de5d9d865b84cc88dc04919226d4 | 13 | SHA1 (patch-bd) = 21f074725a85de5d9d865b84cc88dc04919226d4 | |
14 | SHA1 (patch-preserve.c) = 5fc85459af088b773073f161a29160a2cff73ba8 |
$NetBSD: patch-preserve.c,v 1.1 2021/02/20 14:37:23 bsiegert Exp $
memcpy with overlapping arguments is undefined behavior, use memmove.
See PR pkg/55809.
--- preserve.c.orig 2013-02-26 05:37:27.000000000 +0000
+++ preserve.c
@@ -109,7 +109,7 @@ void get_history()
yr = hist[i].year;
mth= hist[i].month+1;
if (mth>12) { mth=1; yr++; }
- memcpy(&hist[0], &hist[1], sizeof(hist[0])*i);
+ memmove(&hist[0], &hist[1], sizeof(hist[0])*i);
memset(&hist[i], 0, sizeof(struct hist_rec));
hist[i].year=yr; hist[i].month=mth; n--;
}
@@ -277,7 +277,7 @@ void update_history()
yr = hist[i].year;
mth= hist[i].month+1;
if (mth>12) { mth=1; yr++; }
- memcpy(&hist[0],&hist[1],sizeof(hist[0])*i);
+ memmove(&hist[0],&hist[1],sizeof(hist[0])*i);
memset(&hist[i], 0, sizeof(struct hist_rec));
hist[i].year=yr; hist[i].month=mth; n--;
}