diff --git a/srcpkgs/xbps-static/patches b/srcpkgs/xbps-static/patches new file mode 120000 index 00000000000..5bdbe051140 --- /dev/null +++ b/srcpkgs/xbps-static/patches @@ -0,0 +1 @@ +../xbps/patches \ No newline at end of file diff --git a/srcpkgs/xbps-static/template b/srcpkgs/xbps-static/template index 7d765b8cfa0..b6bd6d4adf3 100644 --- a/srcpkgs/xbps-static/template +++ b/srcpkgs/xbps-static/template @@ -3,7 +3,7 @@ # NOTE: keep this package synchronized with "srcpkgs/xbps". pkgname=xbps-static version=0.39 -revision=1 +revision=2 bootstrap=yes short_desc="The XBPS package system utilities - static binaries" maintainer="Juan RP " diff --git a/srcpkgs/xbps/patches/0001-lib-package_msg.c-fix-a-heap-overflow-noticed-by-Got.patch b/srcpkgs/xbps/patches/0001-lib-package_msg.c-fix-a-heap-overflow-noticed-by-Got.patch new file mode 100644 index 00000000000..7f3625cce38 --- /dev/null +++ b/srcpkgs/xbps/patches/0001-lib-package_msg.c-fix-a-heap-overflow-noticed-by-Got.patch @@ -0,0 +1,25 @@ +From 68949809836220d76ecd00bf5ee7f3e57d4032bf Mon Sep 17 00:00:00 2001 +From: Juan RP +Date: Tue, 16 Sep 2014 09:13:32 +0200 +Subject: [PATCH] lib/package_msg.c: fix a heap overflow (noticed by @Gottox). + +--- + lib/package_msg.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/lib/package_msg.c b/lib/package_msg.c +index f71dba0..f7d7ee2 100644 +--- lib/package_msg.c ++++ lib/package_msg.c +@@ -59,7 +59,7 @@ xbps_cb_message(struct xbps_handle *xhp, xbps_dictionary_t pkgd, const char *key + xbps_dbg_printf(xhp, "[%s] %s: fmemopen %s\n", __func__, pkgver, strerror(rv)); + goto out; + }; +- buf = malloc(len); ++ buf = malloc(len+1); + assert(buf); + if (fread(buf, len, 1, f) != len) { + if (ferror(f)) { +-- +2.1.0 + diff --git a/srcpkgs/xbps/template b/srcpkgs/xbps/template index d9f877c902d..169e62a47b7 100644 --- a/srcpkgs/xbps/template +++ b/srcpkgs/xbps/template @@ -1,7 +1,7 @@ # Template file for 'xbps' pkgname=xbps version=0.39 -revision=1 +revision=2 bootstrap=yes short_desc="The XBPS package system utilities" maintainer="Juan RP "