From 20252a3e736a88da3def5a97ede0a3ba8f1f3404 Mon Sep 17 00:00:00 2001 From: Kamil Dudka Date: Tue, 28 Aug 2012 15:11:58 +0200 Subject: [PATCH] sync the upstream tarball with the current upstream version --- lynx-2.8.6-redhat.patch | 14 +++-- lynx-2.8.7-alloca.patch | 112 --------------------------------------- lynx-CVE-2008-4690.patch | 21 ++++---- lynx.spec | 9 ++-- sources | 2 +- 5 files changed, 23 insertions(+), 135 deletions(-) delete mode 100644 lynx-2.8.7-alloca.patch diff --git a/lynx-2.8.6-redhat.patch b/lynx-2.8.6-redhat.patch index 528b4ec..84ef5ce 100644 --- a/lynx-2.8.6-redhat.patch +++ b/lynx-2.8.6-redhat.patch @@ -1,5 +1,9 @@ + lynx.cfg | 13 ++++++++++--- + userdefs.h | 16 ++++++++-------- + 2 files changed, 18 insertions(+), 11 deletions(-) + diff --git a/lynx.cfg b/lynx.cfg -index c4ce454..de9111f 100644 +index bbb74da..8759699 100644 --- a/lynx.cfg +++ b/lynx.cfg @@ -1,8 +1,11 @@ @@ -13,7 +17,7 @@ index c4ce454..de9111f 100644 +# Linux update, overwriting your changes). Instead, edit /etc/lynx-site.cfg. +# # $Format: "#PRCS LYNX_VERSION \"$ProjectVersion$\""$ - #PRCS LYNX_VERSION "2.8.7rel.1" + #PRCS LYNX_VERSION "2.8.7rel.2" # @@ -93,7 +96,7 @@ # @@ -24,7 +28,7 @@ index c4ce454..de9111f 100644 # # As an alternative, you may want to use a local URL. A good choice for this is # the user's home directory: -@@ -442,7 +445,7 @@ DEFAULT_INDEX_FILE:http://lynx.isc.org/ +@@ -442,7 +445,7 @@ DEFAULT_INDEX_FILE:http://www.google.com/ # Lynx (case insensitive). # Find RFC 1345 at http://www.ics.uci.edu/pub/ietf/uri/rfc1345.txt . # @@ -33,7 +37,7 @@ index c4ce454..de9111f 100644 .h2 LOCALE_CHARSET # LOCALE_CHARSET overrides CHARACTER_SET if true, using the current locale to -@@ -1857,6 +1860,9 @@ DEFAULT_INDEX_FILE:http://lynx.isc.org/ +@@ -1857,6 +1860,9 @@ LOCALE_CHARSET:TRUE .ex #DOWNLOADER:Save OS/390 binary file: iconv -f IBM-1047 -t ISO8859-1 %s >%s:FALSE @@ -52,7 +56,7 @@ index c4ce454..de9111f 100644 .h1 External Programs # Any of the compiled-in pathnames of external programs can be overridden diff --git a/userdefs.h b/userdefs.h -index 3fc4ff6..3d2f7e5 100644 +index 88f50b4..304b4ee 100644 --- a/userdefs.h +++ b/userdefs.h @@ -105,7 +105,7 @@ diff --git a/lynx-2.8.7-alloca.patch b/lynx-2.8.7-alloca.patch deleted file mode 100644 index 2fd26f2..0000000 --- a/lynx-2.8.7-alloca.patch +++ /dev/null @@ -1,112 +0,0 @@ - WWW/Library/Implementation/HTParse.c | 47 +++++++++++++++++++++++----------- - src/LYGlobalDefs.h | 1 + - src/LYMain.c | 1 + - 3 files changed, 34 insertions(+), 15 deletions(-) - -diff --git a/WWW/Library/Implementation/HTParse.c b/WWW/Library/Implementation/HTParse.c -index c9bfbbf..b265e22 100644 ---- a/WWW/Library/Implementation/HTParse.c -+++ b/WWW/Library/Implementation/HTParse.c -@@ -12,6 +12,7 @@ - #include - #include - #include -+#include - - #ifdef HAVE_ALLOCA_H - #include -@@ -255,7 +256,8 @@ char *HTParse(const char *aName, - char *result = NULL; - char *tail = NULL; /* a pointer to the end of the 'result' string */ - char *return_value = NULL; -- unsigned len, len1, len2; -+ size_t len, len1, len2; -+ size_t need; - char *name = NULL; - char *rel = NULL; - char *p, *q; -@@ -290,9 +292,17 @@ char *HTParse(const char *aName, - len2 = strlen(relatedName) + 1; - len = len1 + len2 + 8; /* Lots of space: more than enough */ - -- result = tail = (char *) LYalloca(len * 2 + len1 + len2); -+ need = (len * 2 + len1 + len2); -+ if (need > (size_t) max_uri_size || -+ (int) need < (int) len1 || -+ (int) need < (int) len2) -+ return StrAllocCopy(return_value, ""); -+ -+ result = tail = (char *) LYalloca(need); - if (result == NULL) { - outofmem(__FILE__, "HTParse"); -+ -+ assert(result != NULL); - } - *result = '\0'; - name = result + len; -@@ -674,21 +684,28 @@ const char *HTParseAnchor(const char *aName) - * keeping in mind scan() peculiarities on schemes: - */ - struct struct_parts given; -+ size_t need = ((unsigned) ((p - aName) + (int) strlen(p) + 1)); -+ char *name; - -- char *name = (char *) LYalloca((unsigned) ((p - aName) -- + (int) strlen(p) + 1)); -+ if (need > (size_t) max_uri_size) { -+ p += strlen(p); -+ } else { -+ name = (char *) LYalloca(need); - -- if (name == NULL) { -- outofmem(__FILE__, "HTParseAnchor"); -- } -- strcpy(name, aName); -- scan(name, &given); -- LYalloca_free(name); -- -- p++; /*next to '#' */ -- if (given.anchor == NULL) { -- for (; *p; p++) /*scroll to end '\0' */ -- ; -+ if (name == NULL) { -+ outofmem(__FILE__, "HTParseAnchor"); -+ -+ assert(name != NULL); -+ } -+ strcpy(name, aName); -+ scan(name, &given); -+ LYalloca_free(name); -+ -+ p++; /*next to '#' */ -+ if (given.anchor == NULL) { -+ for (; *p; p++) /*scroll to end '\0' */ -+ ; -+ } - } - } - return p; -diff --git a/src/LYGlobalDefs.h b/src/LYGlobalDefs.h -index d0c5ab1..cc3e1e8 100644 ---- a/src/LYGlobalDefs.h -+++ b/src/LYGlobalDefs.h -@@ -305,6 +305,7 @@ extern "C" { - extern int max_cookies_buffer; - extern int max_cookies_domain; - extern int max_cookies_global; -+ extern int max_uri_size; - #ifdef USE_SESSIONS - extern short session_limit; /* maximal entries saved/restored - in session file */ -diff --git a/src/LYMain.c b/src/LYMain.c -index 126a30f..0ccebe5 100644 ---- a/src/LYMain.c -+++ b/src/LYMain.c -@@ -494,6 +494,7 @@ int lynx_temp_subspace = 0; /* > 0 if we made temp-directory */ - int max_cookies_domain = 50; - int max_cookies_global = 500; - int max_cookies_buffer = 4096; -+int max_uri_size = 8192; - int nlinks = 0; /* number of links in memory */ - int outgoing_mail_charset = -1; /* translate mail to this charset */ - diff --git a/lynx-CVE-2008-4690.patch b/lynx-CVE-2008-4690.patch index 08bfb13..57867a3 100644 --- a/lynx-CVE-2008-4690.patch +++ b/lynx-CVE-2008-4690.patch @@ -1,16 +1,13 @@ + CHANGES | 7 +++++++ + lynx.cfg | 2 +- + src/LYCgi.c | 2 +- + 3 files changed, 9 insertions(+), 2 deletions(-) + diff --git a/CHANGES b/CHANGES -index 23cc304..4a59ceb 100644 +index 7b131be..3a89866 100644 --- a/CHANGES +++ b/CHANGES -@@ -2,7 +2,6 @@ - =============================================================================== - Changes since Lynx 2.8 release - =============================================================================== -- - 2009-07-05 (2.8.7rel.1) - * update metrics for 2.8.7 release. - * fix ifdef'ing for cfg_bad_html (report by Gabor Z Papp) -TD -@@ -244,6 +243,13 @@ Changes since Lynx 2.8 release +@@ -248,6 +248,13 @@ Changes since Lynx 2.8 release * update win32 makefiles/build scripts to add LYmktime, parsdate modules -TD * update config.guess (2008-04-14), config.sub (2008-06-16) @@ -25,10 +22,10 @@ index 23cc304..4a59ceb 100644 * remove rw.po, since the translation project no longer supplies it -TD * implement "readonly" attribute for TEXTAREA and TEXT fields -TD diff --git a/lynx.cfg b/lynx.cfg -index acdfae1..e83a4bf 100644 +index 8759699..e048634 100644 --- a/lynx.cfg +++ b/lynx.cfg -@@ -1081,7 +1081,7 @@ CHARACTER_SET:utf-8 +@@ -1081,7 +1081,7 @@ LOCALE_CHARSET:TRUE # # The default TRUSTED_LYNXCGI rule is "none". # diff --git a/lynx.spec b/lynx.spec index 10ec7be..e95ce52 100644 --- a/lynx.spec +++ b/lynx.spec @@ -1,7 +1,7 @@ Summary: A text-based Web browser Name: lynx Version: 2.8.7 -Release: 9%{?dist} +Release: 10%{?dist} License: GPLv2 Group: Applications/Internet Source: http://lynx.isc.org/lynx%{version}/lynx%{version}.tar.bz2 @@ -33,9 +33,6 @@ Patch5: lynx-2.8.7-locale.patch # bz #425879 Patch6: lynx-2.8.7-ipv6arg.patch -# bz #605286 -Patch7: lynx-2.8.7-alloca.patch - # include read-only text fields on form submission (#679266) Patch8: lynx-2.8.7-bz679266.patch @@ -68,7 +65,6 @@ exits quickly and swiftly displays web pages. %patch4 -p1 %patch5 -p1 %patch6 -p1 -%patch7 -p1 %patch8 -p1 perl -pi -e "s,^HELPFILE:.*,HELPFILE:file://localhost/usr/share/doc/lynx-%{version}/lynx_help/lynx_help_main.html,g" lynx.cfg @@ -157,6 +153,9 @@ rm -rf $RPM_BUILD_ROOT %config(noreplace,missingok) %{_sysconfdir}/lynx-site.cfg %changelog +* Tue Aug 28 2012 Kamil Dudka - 2.8.7-10 +- sync the upstream tarball with the current upstream version + * Thu Jul 19 2012 Fedora Release Engineering - 2.8.7-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild diff --git a/sources b/sources index 944414e..ab3a5e2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -493af4c77ef6761e3f0157cd1be033a0 lynx2.8.7.tar.bz2 +cb936aef812e4e463ab86cbbe14d4db9 lynx2.8.7.tar.bz2