openpkg
/
openpkg-packages
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
70910 Commits
1 Branch
2 Tags
595 MiB
Tree: 0fbd1feb83
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0fbd1feb83'
${ noResults }
openpkg-packages/enscript/enscript.patch

394 lines
11 KiB
Raw Normal View History Unescape

upgrade to newer version; apply security fixes; cleanup packaging
21 years ago
Security bugfixes (CAN-2004-1184, CAN-2004-1185, CAN-2004-1186)
and some additional non-security bugfixes.
Index: compat/regex.c
--- compat/regex.c.orig 1998-10-20 15:39:02 +0200
+++ compat/regex.c 2005-02-05 09:50:45 +0100
@@ -2400,11 +2400,13 @@
case ')':
if (syntax & RE_NO_BK_PARENS) goto normal_backslash;
- if (COMPILE_STACK_EMPTY)
- if (syntax & RE_UNMATCHED_RIGHT_PAREN_ORD)
+ if (COMPILE_STACK_EMPTY) {
+ if (syntax & RE_UNMATCHED_RIGHT_PAREN_ORD) {
goto normal_backslash;
- else
+ } else {
FREE_STACK_RETURN (REG_ERPAREN);
+ }
+ }
handle_close:
if (fixup_alt_jump)
@@ -2420,11 +2422,13 @@
}
/* See similar code for backslashed left paren above. */
- if (COMPILE_STACK_EMPTY)
- if (syntax & RE_UNMATCHED_RIGHT_PAREN_ORD)
+ if (COMPILE_STACK_EMPTY) {
+ if (syntax & RE_UNMATCHED_RIGHT_PAREN_ORD) {
goto normal_char;
- else
+ } else {
FREE_STACK_RETURN (REG_ERPAREN);
+ }
+ }
/* Since we just checked for an empty stack above, this
``can't happen''. */
Index: docs/Makefile.in
--- docs/Makefile.in.orig 2002-01-24 08:39:44 +0100
+++ docs/Makefile.in 2005-02-05 09:50:45 +0100
@@ -284,7 +284,7 @@
enscript.fns enscript.ky enscript.kys enscript.ps \
enscript.log enscript.pg enscript.toc enscript.tp \
enscript.tps enscript.vr enscript.vrs enscript.op enscript.tr \
- enscript.cv enscript.cn
+ enscript.cv enscript.cn enscript.1 states.1
clean-aminfo:
Index: docs/enscript.man
--- docs/enscript.man.orig 2000-11-30 07:55:31 +0100
+++ docs/enscript.man 2005-02-05 09:50:45 +0100
@@ -118,7 +118,7 @@
The header string \f2header\f1 can contain the same formatting escapes
which can be specified for the \f3%Format\f1 directives in the user
defined fancy headers. For example, the following option prints the
-file name, current data and page numbers:
+file name, current date and page numbers:
\f3enscript \-\-header='$n %W Page $% of $=' *.c\f1
Index: lib/enscript-color.hdr
--- lib/enscript-color.hdr.orig 1998-12-29 09:40:47 +0100
+++ lib/enscript-color.hdr 2005-02-05 09:50:45 +0100
@@ -27,8 +27,8 @@
% -- code follows this line --
%%DocumentNeededResources: font Times-Bold Times-Roman
-%Format: moddatestr $W
-%Format: modtimestr $C
+%Format: moddatestr $D{%x}
+%Format: modtimestr $D{%X}
%Format: pagenumstr $%
%Format: pagecountstr /$=
Index: lib/enscript.hdr
--- lib/enscript.hdr.orig 1997-03-03 09:20:34 +0100
+++ lib/enscript.hdr 2005-02-05 09:50:45 +0100
@@ -25,8 +25,8 @@
% -- code follows this line --
%%DocumentNeededResources: font Times-Bold Times-Roman
-%Format: moddatestr $W
-%Format: modtimestr $C
+%Format: moddatestr $D{%x}
+%Format: modtimestr $D{%X}
%Format: pagenumstr $%
% Fonts.
Index: src/gsint.h
--- src/gsint.h.orig 2000-07-11 17:28:06 +0200
+++ src/gsint.h 2005-02-05 09:50:45 +0100
@@ -701,4 +701,9 @@
*/
void printer_close ___P ((void *context));
+/*
+ * Escape filenames for shell usage
+ */
+char *shell_escape ___P ((const char *fn));
+
#endif /* not GSINT_H */
Index: src/main.c
--- src/main.c.orig 2002-01-24 08:35:45 +0100
+++ src/main.c 2005-02-05 09:50:45 +0100
@@ -973,6 +973,8 @@
*/
#if HAVE_LC_MESSAGES
setlocale (LC_MESSAGES, "");
+ setlocale (LC_CTYPE, "");
+ setlocale (LC_TIME, "");
#endif
#endif
#if ENABLE_NLS
@@ -1546,9 +1548,13 @@
buffer_append (&cmd, intbuf);
buffer_append (&cmd, " ");
- buffer_append (&cmd, "-Ddocument_title=\"");
- buffer_append (&cmd, title);
- buffer_append (&cmd, "\" ");
+ buffer_append (&cmd, "-Ddocument_title=\'");
+ if ((cp = shell_escape (title)) != NULL)
+ {
+ buffer_append (&cmd, cp);
+ free (cp);
+ }
+ buffer_append (&cmd, "\' ");
buffer_append (&cmd, "-Dtoc=");
buffer_append (&cmd, toc ? "1" : "0");
@@ -1565,8 +1571,14 @@
/* Append input files. */
for (i = optind; i < argc; i++)
{
- buffer_append (&cmd, " ");
- buffer_append (&cmd, argv[i]);
+ char *cp;
+ if ((cp = shell_escape (argv[i])) != NULL)
+ {
+ buffer_append (&cmd, " \'");
+ buffer_append (&cmd, cp);
+ buffer_append (&cmd, "\'");
+ free (cp);
+ }
}
/* And do the job. */
@@ -1627,7 +1639,7 @@
buffer_ptr (opts), buffer_len (opts));
}
- buffer_append (&buffer, " \"%s\"");
+ buffer_append (&buffer, " \'%s\'");
input_filter = buffer_copy (&buffer);
input_filter_stdin = "-";
Index: src/mkafmmap.c
--- src/mkafmmap.c.orig 1997-07-03 13:14:59 +0200
+++ src/mkafmmap.c 2005-02-05 09:50:45 +0100
@@ -126,6 +126,7 @@
#if HAVE_SETLOCALE
#if HAVE_LC_MESSAGES
setlocale (LC_MESSAGES, "");
+ setlocale (LC_CTYPE, "");
#endif
#endif
#if ENABLE_NLS
Index: src/psgen.c
--- src/psgen.c.orig 2002-01-24 08:38:58 +0100
+++ src/psgen.c 2005-02-05 09:50:45 +0100
@@ -2034,8 +2034,9 @@
else
{
ftail++;
- strncpy (buf, fname, ftail - fname);
- buf[ftail - fname] = '\0';
+ i = ftail - fname >= sizeof (buf)-1 ? sizeof (buf)-1 : ftail - fname;
+ strncpy (buf, fname, i);
+ buf[i] = '\0';
}
if (nup > 1)
@@ -2385,9 +2386,10 @@
MESSAGE (2, (stderr, "^@epsf=\"%s\"\n", token->u.epsf.filename));
i = strlen (token->u.epsf.filename);
+ /*
if (i > 0 && token->u.epsf.filename[i - 1] == '|')
{
- /* Read EPS data from pipe. */
+ / * Read EPS data from pipe. * /
token->u.epsf.pipe = 1;
token->u.epsf.filename[i - 1] = '\0';
token->u.epsf.fp = popen (token->u.epsf.filename, "r");
@@ -2400,6 +2402,7 @@
}
}
else
+ */
{
char *filename;
@@ -2581,7 +2584,7 @@
read_float (InputStream *is, int units, int horizontal)
{
char buf[256];
- int i, ch;
+ int i, ch = 0;
double val;
for (i = 0; (i < sizeof (buf) - 1
Index: src/util.c
--- src/util.c.orig 1999-09-17 17:26:51 +0200
+++ src/util.c 2005-02-05 09:59:00 +0100
@@ -1239,6 +1239,8 @@
/* Create result. */
cp = xmalloc (len + 1);
+ if (cp == NULL)
+ return NULL;
for (i = 0, j = 0; string[i]; i++)
switch (string[i])
{
@@ -1879,6 +1881,7 @@
char *cmd = NULL;
int cmdlen;
int i, pos;
+ char *cp;
is->is_pipe = 1;
@@ -1902,12 +1905,16 @@
{
case 's':
/* Expand cmd-buffer. */
- cmdlen += strlen (fname);
- cmd = xrealloc (cmd, cmdlen);
+ if ((cp = shell_escape (fname)) != NULL)
+ {
+ cmdlen += strlen (cp);
+ cmd = xrealloc (cmd, cmdlen);
- /* Paste filename. */
- strcpy (cmd + pos, fname);
- pos += strlen (fname);
+ /* Paste filename. */
+ strcpy (cmd + pos, cp);
+ pos += strlen (cp);
+ free (cp);
+ }
i++;
break;
@@ -1991,12 +1998,13 @@
if (is->bufpos >= is->data_in_buf)
{
/* At the EOF? */
- if (is->nreads > 0 && is->data_in_buf < sizeof (is->buf))
+ if (is->nreads > 0 && is->data_in_buf < sizeof (is->buf)-1)
/* Yes. */
return EOF;
/* Read more data. */
- is->data_in_buf = fread (is->buf, 1, sizeof (is->buf), is->fp);
+ memset (is->buf, 0, sizeof (is->buf));
+ is->data_in_buf = fread (is->buf, 1, sizeof (is->buf)-1, is->fp);
is->bufpos = 0;
is->nreads++;
@@ -2116,3 +2124,36 @@
{
return buffer->len;
}
+
+/*
+ * Escapes the name of a file so that the shell groks it in 'single'
+ * quotation marks. The resulting pointer has to be free()ed when not
+ * longer used.
+*/
+char *
+shell_escape(const char *fn)
+{
+ size_t len = 0;
+ const char *inp;
+ char *retval, *outp;
+
+ for(inp = fn; *inp; ++inp)
+ switch(*inp)
+ {
+ case '\'': len += 4; break;
+ default: len += 1; break;
+ }
+
+ outp = retval = malloc(len + 1);
+ if(!outp)
+ return NULL; /* perhaps one should do better error handling here */
+ for(inp = fn; *inp; ++inp)
+ switch(*inp)
+ {
+ case '\'': *outp++ = '\''; *outp++ = '\\'; *outp++ = '\'', *outp++ = '\''; break;
+ default: *outp++ = *inp; break;
+ }
+ *outp = 0;
+
+ return retval;
+}
Index: states/main.c
--- states/main.c.orig 2000-11-30 07:40:17 +0100
+++ states/main.c 2005-02-05 09:50:45 +0100
@@ -202,6 +202,7 @@
#if HAVE_SETLOCALE
#if HAVE_LC_MESSAGES
setlocale (LC_MESSAGES, "");
+ setlocale (LC_CTYPE, "");
#endif
#endif
#if ENABLE_NLS
Index: states/over.in
--- states/over.in.orig 1997-03-19 11:24:49 +0100
+++ states/over.in 2005-02-05 09:50:45 +0100
@@ -2,4 +2,4 @@
librarydir=@LIBRARYDIR@
-enscript -E -p- --quiet --language=overstrike $* 2>&1 | less
+enscript -E -p- --quiet --language=overstrike "$@" 2>&1 | sensible-pager
Index: afm/Makefile.in
--- afm/Makefile.in.orig 2002-01-24 08:39:24 +0100
+++ afm/Makefile.in 2005-02-05 10:04:31 +0100
@@ -227,10 +227,10 @@
install-data-local:
- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/afm
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)/enscript
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)/enscript/afm
for f in $(EXTRA_DIST); do \
- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/afm/$$f; \
+ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(datadir)/enscript/afm/$$f; \
done
uninstall-local:
Index: lib/Makefile.in
--- lib/Makefile.in.orig 2002-01-24 08:39:27 +0100
+++ lib/Makefile.in 2005-02-05 10:07:31 +0100
@@ -254,15 +254,15 @@
all-local: enscript.cfg
install-data-local: enscript.cfg
- $(top_srcdir)/mkinstalldirs $(sysconfdir)
- if test -r $(sysconfdir)/enscript.cfg; then \
- cp $(sysconfdir)/enscript.cfg $(sysconfdir)/enscript.cfg.old; \
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(sysconfdir)
+ if test -r $(DESTDIR)$(sysconfdir)/enscript.cfg; then \
+ cp $(DESTDIR)$(sysconfdir)/enscript.cfg $(DESTDIR)$(sysconfdir)/enscript.cfg.old; \
else :; \
fi
- $(INSTALL_DATA) enscript.cfg $(sysconfdir)/enscript.cfg
+ $(INSTALL_DATA) enscript.cfg $(DESTDIR)$(sysconfdir)/enscript.cfg
uninstall-local:
- rm -f $(sysconfdir)/enscript.cfg
+ rm -f $(DESTDIR)$(sysconfdir)/enscript.cfg
enscript.cfg: $(srcdir)/enscript.cfg.in Makefile
sed 's%@DATADIR@%$(datadir)%g; s%@media@%@MEDIA@%g; s%@BINDIR@%$(bindir)%g; s%@spooler@%@SPOOLER@%g; s%@pslevel@%@PSLEVEL@%g; s%@queueparam@%@QUEUEPARAM@%g' \
Index: states/hl/Makefile.in
--- states/hl/Makefile.in.orig 2002-01-24 08:39:40 +0100
+++ states/hl/Makefile.in 2005-02-05 14:17:13 +0100
@@ -234,14 +234,14 @@
install-data-local:
- $(top_srcdir)/mkinstalldirs $(datadir)/enscript
- $(top_srcdir)/mkinstalldirs $(datadir)/enscript/hl
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)/enscript
+ $(top_srcdir)/mkinstalldirs $(DESTDIR)$(datadir)/enscript/hl
for f in $(states); do \
- $(INSTALL_DATA) $(srcdir)/$$f $(datadir)/enscript/hl/$$f; \
+ $(INSTALL_DATA) $(srcdir)/$$f $(DESTDIR)$(datadir)/enscript/hl/$$f; \
done
uninstall-local:
- rm -rf $(datadir)/enscript/hl
+ rm -rf $(DESTDIR)$(datadir)/enscript/hl
# Tell versions [3.59,3.63) of GNU make to not export all variables.
# Otherwise a system limit (for SysV at least) may be exceeded.