-rw-r--r--gnu/local.mk1
-rw-r--r--gnu/packages/games.scm3
-rw-r--r--gnu/packages/patches/xboing-CVE-2004-0149.patch134
3 files changed, 137 insertions, 1 deletions
diff --git a/gnu/local.mk b/gnu/local.mk
index 8ffcc58005..88e3c770aa 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1141,6 +1141,7 @@ dist_patch_DATA = \
%D%/packages/patches/wpa-supplicant-fix-zeroed-keys.patch \
%D%/packages/patches/wpa-supplicant-fix-nonce-reuse.patch \
%D%/packages/patches/wpa-supplicant-krack-followups.patch \
+ %D%/packages/patches/xboing-CVE-2004-0149.patch \
%D%/packages/patches/xcb-proto-python3-print.patch \
%D%/packages/patches/xcb-proto-python3-whitespace.patch \
%D%/packages/patches/xdotool-fix-makefile.patch \
diff --git a/gnu/packages/games.scm b/gnu/packages/games.scm
index cc21a63f53..c494d0beba 100644
--- a/gnu/packages/games.scm
+++ b/gnu/packages/games.scm
@@ -1071,7 +1071,8 @@ Portable Game Notation.")
(uri (string-append "http://www.techrescue.org/xboing/xboing"
version ".tar.gz"))
(sha256
- (base32 "16m2si8wmshxpifk861vhpqviqxgcg8bxj6wfw8hpnm4r2w9q0b7"))))
+ (base32 "16m2si8wmshxpifk861vhpqviqxgcg8bxj6wfw8hpnm4r2w9q0b7"))
+ (patches (search-patches "xboing-CVE-2004-0149.patch"))))
(arguments
`(#:tests? #f
#:phases
diff --git a/gnu/packages/patches/xboing-CVE-2004-0149.patch b/gnu/packages/patches/xboing-CVE-2004-0149.patch
new file mode 100644
index 0000000000..b40146b434
--- /dev/null
+++ b/gnu/packages/patches/xboing-CVE-2004-0149.patch
@@ -0,0 +1,134 @@
+https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0149
+https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=174924
+---
+ demo.c | 2 +-
+ editor.c | 12 ++++++------
+ file.c | 2 +-
+ highscore.c | 6 +++---
+ misc.c | 2 +-
+ preview.c | 2 +-
+ 6 files changed, 13 insertions(+), 13 deletions(-)
+
+diff --git a/demo.c b/demo.c
+index 9084e70..f4fc2cd 100644
+--- a/demo.c
++++ b/demo.c
+@@ -154,7 +154,7 @@ static void DoBlocks(display, window)
+
+ /* Construct the demo level filename */
+ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/demo.data", str);
++ snprintf(levelPath, sizeof(levelPath),"%s/demo.data", str);
+ else
+ sprintf(levelPath, "%s/demo.data", LEVEL_INSTALL_DIR);
+
+diff --git a/editor.c b/editor.c
+index f2bb9ed..66d0679 100644
+--- a/editor.c
++++ b/editor.c
+@@ -213,7 +213,7 @@ static void DoLoadLevel(display, window)
+
+ /* Construct the Edit level filename */
+ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/editor.data", str);
++ snprintf(levelPath,sizeof(levelPath)-1, "%s/editor.data", str);
+ else
+ sprintf(levelPath, "%s/editor.data", LEVEL_INSTALL_DIR);
+
+@@ -958,8 +958,8 @@ static void LoadALevel(display)
+ if ((num > 0) && (num <= MAX_NUM_LEVELS))
+ {
+ /* Construct the Edit level filename */
+- if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num);
++ if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
++ snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", str2, (u_long) num);
+ else
+ sprintf(levelPath, "%s/level%02ld.data",
+ LEVEL_INSTALL_DIR, (u_long) num);
+@@ -1017,9 +1017,9 @@ static void SaveALevel(display)
+ num = atoi(str);
+ if ((num > 0) && (num <= MAX_NUM_LEVELS))
+ {
+- /* Construct the Edit level filename */
+- if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num);
++ /* Construct the Edit level filename */
++ if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL)
++ snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", str2, (u_long) num);
+ else
+ sprintf(levelPath, "%s/level%02ld.data",
+ LEVEL_INSTALL_DIR, (u_long) num);
+diff --git a/file.c b/file.c
+index 4c043cd..99a0854 100644
+--- a/file.c
++++ b/file.c
+@@ -139,7 +139,7 @@ void SetupStage(display, window)
+
+ /* Construct the level filename */
+ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/level%02ld.data", str, newLevel);
++ snprintf(levelPath,sizeof(levelPath), "%s/level%02ld.data", str, newLevel);
+ else
+ sprintf(levelPath, "%s/level%02ld.data", LEVEL_INSTALL_DIR, newLevel);
+
+diff --git a/highscore.c b/highscore.c
+index f0db3e9..792273e 100644
+--- a/highscore.c
++++ b/highscore.c
+@@ -1023,7 +1023,7 @@ int ReadHighScoreTable(type)
+ {
+ /* Use the environment variable if it exists */
+ if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+- strcpy(filename, str);
++ strncpy(filename, str, sizeof(filename)-1);
+ else
+ strcpy(filename, HIGH_SCORE_FILE);
+ }
+@@ -1095,7 +1095,7 @@ int WriteHighScoreTable(type)
+ {
+ /* Use the environment variable if it exists */
+ if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+- strcpy(filename, str);
++ strncpy(filename, str, sizeof(filename)-1);
+ else
+ strcpy(filename, HIGH_SCORE_FILE);
+ }
+@@ -1218,7 +1218,7 @@ static int LockUnlock(cmd)
+
+ /* Use the environment variable if it exists */
+ if ((str = getenv("XBOING_SCORE_FILE")) != NULL)
+- strcpy(filename, str);
++ strncpy(filename, str, sizeof(filename)-1);
+ else
+ strcpy(filename, HIGH_SCORE_FILE);
+
+diff --git a/misc.c b/misc.c
+index f3ab37e..7f3ddce 100644
+--- a/misc.c
++++ b/misc.c
+@@ -427,7 +427,7 @@ char *GetHomeDir()
+ */
+
+ if ((ptr = getenv("HOME")) != NULL)
+- (void) strcpy(dest, ptr);
++ (void) strncpy(dest, ptr,sizeof(dest)-1);
+ else
+ {
+ /* HOME variable is not present so get USER var */
+diff --git a/preview.c b/preview.c
+index 41c1187..687f566 100644
+--- a/preview.c
++++ b/preview.c
+@@ -139,7 +139,7 @@ static void DoLoadLevel(display, window)
+
+ /* Construct the Preview level filename */
+ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+- sprintf(levelPath, "%s/level%02d.data", str, lnum);
++ snprintf(levelPath, sizeof(levelPath)-1, "%s/level%02d.data", str, lnum);
+ else
+ sprintf(levelPath, "%s/level%02d.data", LEVEL_INSTALL_DIR, lnum);
+
+--
+2.15.1
+
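Review bot: The `strncpy(..., sizeof(buf)-1)` replacements in highscore.c (ReadHighScoreTable, WriteHighScoreTable, LockUnlock) and misc.c (GetHomeDir) write no terminating NUL when the environment value is at least as long as the bound. Unless those buffers are zeroed beforehand (their declarations are outside the embedded hunks), later string operations on `filename` or `dest` can read past the copied bytes. A form that always terminates is `snprintf(filename, sizeof(filename), "%s", str);`, or add `filename[sizeof(filename)-1] = '\0';` after each copy. In GetHomeDir it is also worth confirming that `dest` is an array and not a pointer, since `sizeof(dest)` would otherwise be the pointer size. Separately, the new snprintf calls silently truncate an over-long XBOING_LEVELS_DIR, and the shortened path is presumably opened as-is; comparing the return value with the buffer size would let the caller reject it.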