Bug 59510 - security/libparanoia port kill() fix
Summary: security/libparanoia port kill() fix
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Sergey A. Osokin
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2003-11-20 15:10 UTC by Valentin Nechayev
Modified: 2003-11-21 15:00 UTC (History)
1 user (show)

See Also:

Attachments
file.diff (363 bytes, patch)
2003-11-20 15:10 UTC, Valentin Nechayev 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Valentin Nechayev 2003-11-20 15:10:00 UTC 
libparanoia (ports/security/libparanoia) should abort program in case
of stack frame bounds violation.
In kill() in stentry.c, argument order is incorrect.
As result, self-aborting isn't working.

Fix: 

Add patch:
How-To-Repeat: 
Read kill(2) man and see code.
Comment 1 osa 2003-11-20 15:38:24 UTC 
On Thu, Nov 20, 2003 at 05:06:36PM +0200, Valentin Nechayev wrote:
> 
> --- stentry.c.orig	Thu Nov 20 16:59:32 2003
> +++ stentry.c	Thu Nov 20 17:00:31 2003
> @@ -20,7 +20,7 @@
>  	openlog(__progname,LOG_NDELAY|LOG_PERROR|LOG_PID|LOG_CONS,LOG_USER);\
>          syslog(LOG_ERR,"Stack violation - exiting");\
>          closelog();\
> -        kill(SIGSEGV,getpid());\
> +        kill(getpid(),SIGSEGV);\
>          exit(1) ;\
>  
>  #ifdef PARANOIDAL_ROOT

Here is another and small version of patch (also my version save inode),
please review and approve.
Thanks.

Index: ports/security/libparanoia/Makefile
===================================================================
RCS file: /home/pcvs/ports/security/libparanoia/Makefile,v
retrieving revision 1.12
diff -u -u -r1.12 Makefile
--- ports/security/libparanoia/Makefile	3 Nov 2003 19:32:09 -0000	1.12
+++ ports/security/libparanoia/Makefile	20 Nov 2003 15:34:14 -0000
@@ -6,7 +6,7 @@
 
 PORTNAME=	libparanoia
 PORTVERSION=	1.4
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	ftp://ftp.lexa.ru/pub/domestic/snar/
 
@@ -14,6 +14,7 @@
 COMMENT=	Safe (in the mean of stack smashing) reincarnation of strcpy et al
 
 ONLY_FOR_ARCHS=	i386
+USE_REINPLACE=	yes
 
 INSTALLS_SHLIB=	yes
 
@@ -26,6 +27,10 @@
 .endif
 
 .include <bsd.port.pre.mk>
+
+pre-patch:
+	@${REINPLACE_CMD} -e 's|\(SIGSEGV\),\(getpid()\)|\2,\1|' \
+		${WRKSRC}/stentry.c
 
 .if ${OSVERSION} >= 500039
 post-patch:
-------------------------------------------

-- 

Rgdz,                        /"\  ASCII RIBBON CAMPAIGN
Sergey Osokin aka oZZ,       \ /    AGAINST HTML MAIL
http://ozz.pp.ru/             X          AND NEWS
                             / \
Comment 2 Sergey A. Osokin freebsd_committer freebsd_triage 2003-11-20 16:04:23 UTC 
Responsible Changed
From-To: freebsd-ports-bugs->osa

I'll handle this.
Comment 3 Valentin Nechayev 2003-11-21 10:50:09 UTC 
 Thu, Nov 20, 2003 at 18:38:24, osa wrote about "Re: ports/59510: security/libparanoia port kill() fix": 

>> -        kill(SIGSEGV,getpid());\
>> +        kill(getpid(),SIGSEGV);\
>>          exit(1) ;\
>>  
>>  #ifdef PARANOIDAL_ROOT

> Here is another and small version of patch (also my version save inode),
> please review and approve.

Well, it is working AFAICS.

> +
> +pre-patch:
> +	@${REINPLACE_CMD} -e 's|\(SIGSEGV\),\(getpid()\)|\2,\1|' \
> +		${WRKSRC}/stentry.c


-netch-
Comment 4 Sergey A. Osokin freebsd_committer freebsd_triage 2003-11-21 15:00:04 UTC 
State Changed
From-To: open->closed

I committed my version of patch. 
Thanks for submission!