diff options
| author | FUJISHIMA Satsuki <sf@FreeBSD.org> | 2002-12-11 15:58:37 +0000 |
|---|---|---|
| committer | FUJISHIMA Satsuki <sf@FreeBSD.org> | 2002-12-11 15:58:37 +0000 |
| commit | fc510011bc9fdbe93680fcf3fc72ed4ee8ac7adb (patch) | |
| tree | caabc0d21536cbbe2fd3c4d1c5a44eb6832d5d4f /ftp/wget | |
| parent | ef8ff6310ba07b4c13c2ce417b0e605a2fcb5c35 (diff) | |
| download | ports-fc510011bc9fdbe93680fcf3fc72ed4ee8ac7adb.tar.gz ports-fc510011bc9fdbe93680fcf3fc72ed4ee8ac7adb.zip | |
Notes
Diffstat (limited to 'ftp/wget')
| -rw-r--r-- | ftp/wget/Makefile | 2 | ||||
| -rw-r--r-- | ftp/wget/files/patch-src_fnmatch_c | 21 | ||||
| -rw-r--r-- | ftp/wget/files/patch-src_ftp_c | 40 |
3 files changed, 62 insertions, 1 deletions
diff --git a/ftp/wget/Makefile b/ftp/wget/Makefile index 12eb74436907..97b9c6889d14 100644 --- a/ftp/wget/Makefile +++ b/ftp/wget/Makefile @@ -7,7 +7,7 @@ PORTNAME= wget PORTVERSION= 1.8.2 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= ftp www MASTER_SITES= ${MASTER_SITE_GNU} MASTER_SITE_SUBDIR= wget diff --git a/ftp/wget/files/patch-src_fnmatch_c b/ftp/wget/files/patch-src_fnmatch_c new file mode 100644 index 000000000000..5da55bc4f562 --- /dev/null +++ b/ftp/wget/files/patch-src_fnmatch_c @@ -0,0 +1,21 @@ +$OpenBSD: patch-src_fnmatch_c,v 1.1 2002/12/10 18:37:24 brad Exp $ +--- src/fnmatch.c.orig Tue Dec 10 13:06:09 2002 ++++ src/fnmatch.c Tue Dec 10 13:07:23 2002 +@@ -188,6 +188,17 @@ fnmatch (const char *pattern, const char + return (FNM_NOMATCH); + } + ++/* Return non-zero if S has a leading '/' or contains '../' */ ++int ++has_invalid_name (const char *s) ++{ ++ if (*s == '/') ++ return 1; ++ if (strstr(s, "../") != 0) ++ return 1; ++ return 0; ++} ++ + /* Return non-zero if S contains globbing wildcards (`*', `?', `[' or + `]'). */ + int diff --git a/ftp/wget/files/patch-src_ftp_c b/ftp/wget/files/patch-src_ftp_c new file mode 100644 index 000000000000..3da2f4186d7e --- /dev/null +++ b/ftp/wget/files/patch-src_ftp_c @@ -0,0 +1,40 @@ +$OpenBSD: patch-src_ftp_c,v 1.1 2002/12/10 18:37:24 brad Exp $ +--- src/ftp.c.orig Tue Dec 10 13:08:00 2002 ++++ src/ftp.c Tue Dec 10 13:16:22 2002 +@@ -1637,6 +1637,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc + { + struct fileinfo *orig, *start; + uerr_t res; ++ struct fileinfo *f; + + con->cmd |= LEAVE_PENDING; + +@@ -1648,8 +1649,7 @@ ftp_retrieve_glob (struct urlinfo *u, cc + opt.accepts and opt.rejects. */ + if (opt.accepts || opt.rejects) + { +- struct fileinfo *f = orig; +- ++ f = orig; + while (f) + { + if (f->type != FT_DIRECTORY && !acceptable (f->name)) +@@ -1661,6 +1661,18 @@ ftp_retrieve_glob (struct urlinfo *u, cc + f = f->next; + } + } ++ /* Remove all files with possible harmful names */ ++ f = orig; ++ while (f) ++ { ++ if (has_invalid_name(f->name)) ++ { ++ logprintf (LOG_VERBOSE, _("Rejecting `%s'.\n"), f->name); ++ f = delelement (f, &start); ++ } ++ else ++ f = f->next; ++ } + /* Now weed out the files that do not match our globbing pattern. + If we are dealing with a globbing pattern, that is. */ + if (*u->file && (action == GLOBALL || action == GETONE)) |