dtach: 0.8 -> 0.9
Remove CVE patch that has been merged upstream.
This commit is contained in:
parent
f249570340
commit
3257ec39c3
@ -1,15 +1,14 @@
|
||||
{ stdenv, fetchurl }:
|
||||
|
||||
stdenv.mkDerivation rec {
|
||||
name = "dtach-0.8";
|
||||
name = "dtach-${version}";
|
||||
version = "0.9";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://sourceforge/project/dtach/dtach/0.8/dtach-0.8.tar.gz";
|
||||
sha256 = "16614ebddf8ab2811d3dc0e7f329c7de88929ac6a9632d4cb4aef7fe11b8f2a9";
|
||||
url = "mirror://sourceforge/project/dtach/dtach/${version}/${name}.tar.gz";
|
||||
sha256 = "1wwj2hlngi8qn2pisvhyfxxs8gyqjlgrrv5lz91w8ly54dlzvs9j";
|
||||
};
|
||||
|
||||
patches = [ ./fix-CVE-2012-3368.patch ];
|
||||
|
||||
installPhase = ''
|
||||
mkdir -p $out/bin
|
||||
cp dtach $out/bin/dtach
|
||||
@ -19,12 +18,14 @@ stdenv.mkDerivation rec {
|
||||
homepage = http://dtach.sourceforge.net/;
|
||||
description = "A program that emulates the detach feature of screen";
|
||||
|
||||
longDescription = ''dtach is a tiny program that emulates the
|
||||
detach feature of screen, allowing you to run a program in an
|
||||
environment that is protected from the controlling terminal and
|
||||
attach to it later. dtach does not keep track of the contents of
|
||||
the screen, and thus works best with programs that know how to
|
||||
redraw themselves.'';
|
||||
longDescription = ''
|
||||
dtach is a tiny program that emulates the detach feature of
|
||||
screen, allowing you to run a program in an environment that is
|
||||
protected from the controlling terminal and attach to it later.
|
||||
dtach does not keep track of the contents of the screen, and
|
||||
thus works best with programs that know how to redraw
|
||||
themselves.
|
||||
'';
|
||||
|
||||
license = stdenv.lib.licenses.gpl2Plus;
|
||||
|
||||
|
@ -1,49 +0,0 @@
|
||||
Fix error handling for read from stdin in attach.c
|
||||
|
||||
attach.c did not correctly handle a read from stdin when read returned
|
||||
an error. The code assigned the return value of read to pkt.len (an
|
||||
unsigned char) before checking the value. This prevented the error check
|
||||
from working correctly, since an unsigned integer can never be < 0.
|
||||
|
||||
A packet with an invalid length was then sent to the master, which then
|
||||
sent 255 bytes of garbage to the program.
|
||||
|
||||
Fix the bug in attach.c and the unchecked packet length bug in master.c.
|
||||
|
||||
Report and initial patch by Enrico Scholz.
|
||||
|
||||
--- a/master.c 2012/07/01 21:26:10 1.14
|
||||
+++ b/master.c 2012/07/01 21:44:34 1.15
|
||||
@@ -351,7 +351,10 @@
|
||||
|
||||
/* Push out data to the program. */
|
||||
if (pkt.type == MSG_PUSH)
|
||||
- write(the_pty.fd, pkt.u.buf, pkt.len);
|
||||
+ {
|
||||
+ if (pkt.len <= sizeof(pkt.u.buf))
|
||||
+ write(the_pty.fd, pkt.u.buf, pkt.len);
|
||||
+ }
|
||||
|
||||
/* Attach or detach from the program. */
|
||||
else if (pkt.type == MSG_ATTACH)
|
||||
--- a/attach.c 2012/07/01 21:26:10 1.12
|
||||
+++ b/attach.c 2012/07/01 21:44:34 1.13
|
||||
@@ -237,12 +237,16 @@
|
||||
/* stdin activity */
|
||||
if (n > 0 && FD_ISSET(0, &readfds))
|
||||
{
|
||||
+ ssize_t len;
|
||||
+
|
||||
pkt.type = MSG_PUSH;
|
||||
memset(pkt.u.buf, 0, sizeof(pkt.u.buf));
|
||||
- pkt.len = read(0, pkt.u.buf, sizeof(pkt.u.buf));
|
||||
+ len = read(0, pkt.u.buf, sizeof(pkt.u.buf));
|
||||
|
||||
- if (pkt.len <= 0)
|
||||
+ if (len <= 0)
|
||||
exit(1);
|
||||
+
|
||||
+ pkt.len = len;
|
||||
process_kbd(s, &pkt);
|
||||
n--;
|
||||
}
|
Loading…
Reference in New Issue
Block a user