Annotation of /trunk/lynx/patches/lynx-2.8.5rel.4.patch
Parent Directory | Revision Log
Revision 153 -
(hide annotations)
(download)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 7084 byte(s)
Tue May 8 20:52:56 2007 UTC (17 years, 4 months ago) by niro
File size: 7084 byte(s)
-import
1 | niro | 153 | # ------------------------------------------------------------------------------ |
2 | # CHANGES | 11 +++++++---- | ||
3 | # WWW/Library/Implementation/HTGopher.c | 1 + | ||
4 | # WWW/Library/Implementation/HTMIME.c | 14 +++++++------- | ||
5 | # configure | 2 +- | ||
6 | # configure.in | 4 ++-- | ||
7 | # lynx.cfg | 4 ++-- | ||
8 | # src/LYMainLoop.c | 4 ++-- | ||
9 | # src/LYOptions.c | 4 ++-- | ||
10 | # src/LYStrings.c | 2 +- | ||
11 | # userdefs.h | 4 ++-- | ||
12 | # 10 files changed, 27 insertions(+), 23 deletions(-) | ||
13 | # ------------------------------------------------------------------------------ | ||
14 | Index: CHANGES | ||
15 | --- 2.8.5rel.3/CHANGES Mon Oct 17 13:47:09 2005 | ||
16 | +++ 2.8.5rel.4/CHANGES Tue Oct 25 17:40:26 2005 | ||
17 | @@ -1,10 +1,13 @@ | ||
18 | Changes since Lynx 2.8 release | ||
19 | =============================================================================== | ||
20 | |||
21 | -2004-10-17 (2.8.5rel.3 fixes from 2.8.6dev.14) | ||
22 | -* eliminate fixed-size buffers in LYExpandHostForURL() to guard against | ||
23 | - buffer overflow resulting from too-long domain prefix/suffix data from | ||
24 | - lynx.cfg (report by Ulf Harnhammar, CAN-2005-3120) -TD | ||
25 | +2005-10-25 (2.8.5rel.4 fixes from 2.8.6dev.14) | ||
26 | +* fix error in rel.3 patch (report by Klaus Singvogel) | ||
27 | + | ||
28 | +2005-10-17 (2.8.5rel.3 fixes from 2.8.6dev.14) | ||
29 | +* eliminate fixed-size buffers in HTrjis() and related functions to avoid | ||
30 | + potential buffer overflow in nntp pages (report by Ulf Harnhammar, | ||
31 | + CAN-2005-3120) -TD | ||
32 | |||
33 | 2004-04-22 (2.8.5rel.2 fixes from 2.8.6dev.1) | ||
34 | * correct ifdef in LYgetattrs() to ensure that getattrs() is used only if the | ||
35 | Index: WWW/Library/Implementation/HTGopher.c | ||
36 | --- 2.8.5rel.3/WWW/Library/Implementation/HTGopher.c Sun Apr 27 17:38:00 2003 | ||
37 | +++ 2.8.5rel.4/WWW/Library/Implementation/HTGopher.c Tue Oct 25 17:40:26 2005 | ||
38 | @@ -1117,6 +1117,7 @@ | ||
39 | }; | ||
40 | |||
41 | out = 0; | ||
42 | + memset(&ctx, 0, sizeof(ctx)); | ||
43 | ctx.host = host; | ||
44 | ctx.seek = (char *) 0; | ||
45 | ctx.port = port; | ||
46 | Index: WWW/Library/Implementation/HTMIME.c | ||
47 | Prereq: 0.2 | ||
48 | --- 2.8.5rel.3/WWW/Library/Implementation/HTMIME.c Mon Oct 17 13:47:09 2005 | ||
49 | +++ 2.8.5rel.4/WWW/Library/Implementation/HTMIME.c Tue Oct 25 17:40:26 2005 | ||
50 | @@ -2155,8 +2155,8 @@ | ||
51 | ** HTmmdecode for ISO-2022-JP - FM | ||
52 | */ | ||
53 | PUBLIC void HTmmdecode ARGS2( | ||
54 | - char **, trg, | ||
55 | - char *, str) | ||
56 | + char **, target, | ||
57 | + char *, source) | ||
58 | { | ||
59 | char *buf; | ||
60 | char *mmbuf = NULL; | ||
61 | @@ -2164,10 +2164,10 @@ | ||
62 | char *s, *t, *u; | ||
63 | int base64, quote; | ||
64 | |||
65 | - if ((buf = malloc(strlen(str) + 1)) == 0) | ||
66 | + if ((buf = malloc(strlen(source) + 1)) == 0) | ||
67 | outofmem(__FILE__, "HTmmdecode"); | ||
68 | |||
69 | - for (s = str, u = buf; *s;) { | ||
70 | + for (s = source, u = buf; *s;) { | ||
71 | if (!strncasecomp(s, "=?ISO-2022-JP?B?", 16)) { | ||
72 | base64 = 1; | ||
73 | } else { | ||
74 | @@ -2181,12 +2181,12 @@ | ||
75 | if (base64 || quote) { | ||
76 | if (HTmmcont) { | ||
77 | for (t = s - 1; | ||
78 | - t >= str && (*t == ' ' || *t == '\t'); t--) { | ||
79 | + t >= source && (*t == ' ' || *t == '\t'); t--) { | ||
80 | u--; | ||
81 | } | ||
82 | } | ||
83 | if (mmbuf == 0) /* allocate buffer big enough for source */ | ||
84 | - StrAllocCopy(mmbuf, str); | ||
85 | + StrAllocCopy(mmbuf, source); | ||
86 | for (s += 16, t = mmbuf; *s; ) { | ||
87 | if (s[0] == '?' && s[1] == '=') { | ||
88 | break; | ||
89 | @@ -2216,7 +2216,7 @@ | ||
90 | } | ||
91 | *u = '\0'; | ||
92 | end: | ||
93 | - StrAllocCopy(*t, buf); | ||
94 | + StrAllocCopy(*target, buf); | ||
95 | FREE(m2buf); | ||
96 | FREE(mmbuf); | ||
97 | FREE(buf); | ||
98 | Index: configure | ||
99 | --- 2.8.5rel.3/configure Wed Feb 4 04:07:09 2004 | ||
100 | +++ 2.8.5rel.4/configure Wed Feb 4 04:07:09 2004 | ||
101 | @@ -723,7 +723,7 @@ | ||
102 | |||
103 | PACKAGE=lynx | ||
104 | # $Format: "VERSION=$ProjectVersion$"$ | ||
105 | -VERSION=2.8.5rel.3 | ||
106 | +VERSION=2.8.5rel.4 | ||
107 | |||
108 | |||
109 | |||
110 | Index: configure.in | ||
111 | --- 2.8.5rel.3/configure.in Wed Feb 4 04:07:09 2004 | ||
112 | +++ 2.8.5rel.4/configure.in Wed Feb 4 04:07:09 2004 | ||
113 | @@ -5,7 +5,7 @@ | ||
114 | dnl | ||
115 | dnl ask PRCS to plug-in the project-version for the configure-script. | ||
116 | dnl $Format: "AC_REVISION($ProjectVersion$)"$ | ||
117 | -AC_REVISION(2.8.5rel.3) | ||
118 | +AC_REVISION(2.8.5rel.4) | ||
119 | |||
120 | # Save the original $CFLAGS so we can distinguish whether the user set those | ||
121 | # in the environment, or whether autoconf added -O and -g options: | ||
122 | @@ -33,7 +33,7 @@ | ||
123 | PACKAGE=lynx | ||
124 | dnl ask PRCS to plug-in the project-version for the packages. | ||
125 | # $Format: "VERSION=$ProjectVersion$"$ | ||
126 | -VERSION=2.8.5rel.3 | ||
127 | +VERSION=2.8.5rel.4 | ||
128 | AC_SUBST(PACKAGE) | ||
129 | AC_SUBST(VERSION) | ||
130 | AC_SUBST(DESTDIR) | ||
131 | Index: lynx.cfg | ||
132 | --- 2.8.5rel.3/lynx.cfg Wed Jan 28 11:30:38 2004 | ||
133 | +++ 2.8.5rel.4/lynx.cfg Wed Jan 28 11:30:38 2004 | ||
134 | @@ -3,10 +3,10 @@ | ||
135 | # or Lynx_Dir:lynx.cfg (VMS) | ||
136 | # | ||
137 | # $Format: "#PRCS LYNX_VERSION \"$ProjectVersion$\""$ | ||
138 | -#PRCS LYNX_VERSION "2.8.5rel.3" | ||
139 | +#PRCS LYNX_VERSION "2.8.5rel.4" | ||
140 | # | ||
141 | # $Format: "#PRCS LYNX_DATE \"$ProjectDate$\""$ | ||
142 | -#PRCS LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700" | ||
143 | +#PRCS LYNX_DATE "Tue, 25 Oct 2005 17:40:26 -0700" | ||
144 | # | ||
145 | # Definition pairs are of the form VARIABLE:DEFINITION | ||
146 | # NO spaces are allowed between the pair items. | ||
147 | Index: src/LYMainLoop.c | ||
148 | --- 2.8.5rel.3/src/LYMainLoop.c Wed Jan 28 11:30:38 2004 | ||
149 | +++ 2.8.5rel.4/src/LYMainLoop.c Tue Oct 25 17:40:26 2005 | ||
150 | @@ -5207,8 +5207,8 @@ | ||
151 | char cfile[128]; | ||
152 | FILE *cfp; | ||
153 | char *cp; | ||
154 | - int ch, recall; | ||
155 | - int URLTotal; | ||
156 | + int ch = 0, recall = 0; | ||
157 | + int URLTotal = 0; | ||
158 | int URLNum; | ||
159 | BOOLEAN FirstURLRecall = TRUE; | ||
160 | char *temp = NULL; | ||
161 | Index: src/LYOptions.c | ||
162 | --- 2.8.5rel.3/src/LYOptions.c Wed Jan 28 11:30:38 2004 | ||
163 | +++ 2.8.5rel.4/src/LYOptions.c Tue Oct 25 17:40:26 2005 | ||
164 | @@ -2488,7 +2488,7 @@ | ||
165 | PostPair *data = 0; | ||
166 | DocAddress WWWDoc; /* need on exit */ | ||
167 | int i; | ||
168 | - int code; | ||
169 | + int code = 0; | ||
170 | BOOLEAN save_all = FALSE; | ||
171 | int display_char_set_old = current_char_set; | ||
172 | BOOLEAN raw_mode_old = LYRawMode; | ||
173 | @@ -2642,7 +2642,7 @@ | ||
174 | |||
175 | /* Keypad Mode: SELECT */ | ||
176 | if (!strcmp(data[i].tag, keypad_mode_string)) { | ||
177 | - int newval; | ||
178 | + int newval = 0; | ||
179 | if (GetOptValues(keypad_mode_values, data[i].value, &newval) | ||
180 | && keypad_mode != newval) { | ||
181 | keypad_mode = newval; | ||
182 | Index: src/LYStrings.c | ||
183 | --- 2.8.5rel.3/src/LYStrings.c Mon Feb 2 12:02:28 2004 | ||
184 | +++ 2.8.5rel.4/src/LYStrings.c Tue Oct 25 17:40:26 2005 | ||
185 | @@ -1046,7 +1046,7 @@ | ||
186 | BOOLEAN ok = FALSE; | ||
187 | |||
188 | if (*src == SQUOTE) { | ||
189 | - int keysym; | ||
190 | + int keysym = 0; | ||
191 | unescaped_char(src, &keysym); | ||
192 | if (keysym >= 0) { | ||
193 | dst[0] = keysym; | ||
194 | Index: userdefs.h | ||
195 | --- 2.8.5rel.3/userdefs.h Mon Feb 2 12:02:28 2004 | ||
196 | +++ 2.8.5rel.4/userdefs.h Mon Feb 2 12:02:28 2004 | ||
197 | @@ -1360,11 +1360,11 @@ | ||
198 | * the version definition with the Project Version on checkout. Just | ||
199 | * ignore it. - kw */ | ||
200 | /* $Format: "#define LYNX_VERSION \"$ProjectVersion$\""$ */ | ||
201 | -#define LYNX_VERSION "2.8.5rel.3" | ||
202 | +#define LYNX_VERSION "2.8.5rel.4" | ||
203 | #define LYNX_WWW_HOME "http://lynx.isc.org/" | ||
204 | #define LYNX_WWW_DIST "http://lynx.isc.org/current/" | ||
205 | /* $Format: "#define LYNX_DATE \"$ProjectDate$\""$ */ | ||
206 | -#define LYNX_DATE "Mon, 17 Oct 2005 13:47:09 -0700" | ||
207 | +#define LYNX_DATE "Tue, 25 Oct 2005 17:40:26 -0700" | ||
208 | #define LYNX_DATE_OFF 5 /* truncate the automatically-generated date */ | ||
209 | #define LYNX_DATE_LEN 11 /* truncate the automatically-generated date */ | ||
210 |