wallenstein/void-packages
1
0
Fork 0
mirror of https://github.com/void-linux/void-packages.git synced 2025-06-05 06:33:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

gdbm: added patch (Arch) to improve security.

Browse source
This commit is contained in:
Juan RP 2012-01-13 10:00:05 +01:00
parent 2ae8307fa8
commit 474da011cb
3 changed files with 40 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
srcpkgs/gdbm/gdbm-devel.template
View file

@ -1,6 +1,6 @@
# Template file for 'gdbm-devel'. # Template file for 'gdbm-devel'.
# #
revision=1 revision=2
short_desc="${short_desc} - development files" short_desc="${short_desc} - development files"
long_desc="${long_desc} long_desc="${long_desc}

38
srcpkgs/gdbm/patches/gdbm-1.10-zeroheaders.patch Normal file
View file

@ -0,0 +1,38 @@
# Prevent gdbm from storing uninitialized memory content
# to database files. This patch improves security, as the
# uninitialized memory might contain sensitive informations
# from other applications.
# https://bugzilla.redhat.com/show_bug.cgi?id=4457
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927
--- src/falloc.c.zeroheaders 2011-11-11 11:59:11.000000000 +0100
+++ src/falloc.c 2011-11-14 17:34:32.487604027 +0100
@@ -255,7 +255,7 @@ push_avail_block (GDBM_FILE dbf)
/* Split the header block. */
- temp = (avail_block *) malloc (av_size);
+ temp = (avail_block *) calloc (1, av_size);
if (temp == NULL) _gdbm_fatal (dbf, _("malloc error"));
/* Set the size to be correct AFTER the pop_avail_block. */
temp->size = dbf->header->avail.size;
--- src/gdbmopen.c.zeroheaders 2011-11-11 19:39:42.000000000 +0100
+++ src/gdbmopen.c 2011-11-14 17:33:24.867608650 +0100
@@ -264,7 +264,7 @@ gdbm_open (const char *file, int block_s
(dbf->header->block_size - sizeof (hash_bucket))
/ sizeof (bucket_element) + 1;
dbf->header->bucket_size = dbf->header->block_size;
- dbf->bucket = (hash_bucket *) malloc (dbf->header->bucket_size);
+ dbf->bucket = (hash_bucket *) calloc (1, dbf->header->bucket_size);
if (dbf->bucket == NULL)
{
gdbm_close (dbf);
@@ -456,7 +456,7 @@ _gdbm_init_cache(GDBM_FILE dbf, size_t s
for(index = 0; index < size; index++)
{
(dbf->bucket_cache[index]).ca_bucket
- = (hash_bucket *) malloc (dbf->header->bucket_size);
+ = (hash_bucket *) calloc (1, dbf->header->bucket_size);
if ((dbf->bucket_cache[index]).ca_bucket == NULL)
{
gdbm_errno = GDBM_MALLOC_ERROR;

2
srcpkgs/gdbm/template
View file

@ -1,7 +1,7 @@
# Template file for 'gdbm' # Template file for 'gdbm'
pkgname=gdbm pkgname=gdbm
version=1.10 version=1.10
revision=1 revision=2
homepage="http://www.gnu.org.ua/software/gdbm/" homepage="http://www.gnu.org.ua/software/gdbm/"
distfiles="http://ftp.gnu.org/gnu/$pkgname/$pkgname-$version.tar.gz" distfiles="http://ftp.gnu.org/gnu/$pkgname/$pkgname-$version.tar.gz"
build_style=gnu-configure build_style=gnu-configure