correcting security patch.

1 files changed, 23 insertions, 20 deletions

diff --git a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
index 5f92105cf501..83de5bfd0501 100644
--- a/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
+++ b/net-misc/whois/files/whois-4.6.9-gentoo-security.patch
@@ -1,6 +1,7 @@
---- whois.c.orig	2003-09-10 01:21:52.000000000 +0200
-+++ whois.c	2003-11-23 01:51:20.000000000 +0100
-@@ -73,7 +73,7 @@
+diff -Naur whois-4.6.9/whois.c whois/whois.c
+--- whois-4.6.9/whois.c	2003-12-01 19:15:18.000000000 +0100
++++ whois/whois.c	2003-12-08 01:24:06.000000000 +0100
+@@ -76,7 +76,7 @@
  	/* RIPE flags */
  	if (strchr(ripeflags, ch)) {
  	    for (p = fstring; *p; p++);
@@ -9,7 +10,7 @@
  	    continue;
  	}
  	if (strchr(ripeflagsp, ch)) {
-@@ -86,7 +86,7 @@
+@@ -89,7 +89,7 @@
  	/* program flags */
  	switch (ch) {
  	case 'h':
@@ -18,7 +19,7 @@
  	    for (p = optarg; *p && *p != ':'; *q++ = tolower(*p++));
  	    if (*p == ':')
  		port = p + 1;
-@@ -122,7 +122,7 @@
+@@ -125,7 +125,7 @@
  	usage();
  
      /* On some systems realloc only works on non-NULL buffers */
@@ -27,7 +28,7 @@
      *qstring = '\0';
  
      /* parse other parameters, if any */
-@@ -131,11 +131,11 @@
+@@ -134,11 +134,11 @@
  
  	while (1) {
  	    qslen += strlen(*argv) + 1 + 1;
@@ -42,22 +43,23 @@
  	    argc--;
  	}
      }
-@@ -401,10 +401,12 @@
+@@ -423,10 +423,12 @@
  {
      char *buf;
      int i, isripe = 0;
-+    int buflen = 0;
- 
+-
++	/* buflen was always 0 in original patch and buf was allocated
++       twice /Aye */
      /* +2 for \r\n; +1 for NULL */
 -    buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4
 -	    + 2 + 1);
-+    buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1);
++    int buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 4 + 2 + 1;
 +    buf = xmalloc(buflen);
 +
      *buf = '\0';
      for (i = 0; ripe_servers[i]; i++)
  	if (strcmp(server, ripe_servers[i]) == 0) {
-@@ -426,21 +428,21 @@
+@@ -448,21 +450,21 @@
      if (*flags) {
  	if (!isripe && strcmp(server, "whois.corenic.net") != 0)
  	    puts(_("Warning: RIPE flags used with a traditional server."));
@@ -84,7 +86,7 @@
      return buf;
  }
  
-@@ -483,7 +485,7 @@
+@@ -505,7 +507,7 @@
  
  		if (verb)
  		    printf(_("Detected referral to %s on %s.\n"), nq, nh);
@@ -93,7 +95,7 @@
  		fd = openconn(nh, np);
  		do_query(fd, nq);
  		continue;
-@@ -509,7 +511,7 @@
+@@ -531,7 +533,7 @@
      FILE *fi;
      int state = 0;
  
@@ -102,7 +104,7 @@
      *temp = '=';
      strcpy(temp + 1, query);
      strcat(temp, "\r\n");
-@@ -527,7 +529,7 @@
+@@ -549,7 +551,7 @@
  
  	    for (p = buf; *p != ':'; p++);	/* skip until colon */
  	    for (p++; *p == ' '; p++);		/* skip colon and spaces */
@@ -111,7 +113,7 @@
  	    for (q = ret; *p != '\n' && *p != '\r' && *p != ' '; *q++ = *p++)
  		; /*copy data*/
  	    *q = '\0';
-@@ -572,7 +574,7 @@
+@@ -594,7 +596,7 @@
  	    for (p = buf; *p != ':'; p++);	/* skip until colon */
  	    for (p++; *p != ':'; p++);		/* skip until 2nd colon */
  	    for (p++; *p == ' '; p++);		/* skip colon and spaces */
@@ -120,7 +122,7 @@
  	    for (q = ret; *p != '\n' && *p != '\r'; *q++ = *p++); /*copy data*/
  	    *q = '\0';
  	    state = 2;
-@@ -726,6 +728,24 @@
+@@ -768,6 +770,24 @@
      exit(0);
  }
  
@@ -145,11 +147,12 @@
  
  /* Error routines */
  void err_sys(const char *fmt, ...)
---- whois.h.orig	2003-11-23 01:58:01.000000000 +0100
-+++ whois.h	2003-11-23 01:58:52.000000000 +0100
-@@ -23,6 +23,8 @@
- int domfind(const char *, const char *[]);
+diff -Naur whois-4.6.9/whois.h whois/whois.h
+--- whois-4.6.9/whois.h	2003-12-01 18:21:59.000000000 +0100
++++ whois/whois.h	2003-12-08 01:06:28.000000000 +0100
+@@ -24,6 +24,8 @@
  char *normalize_domain(const char *);
+ char *convert_6to4(const char *);
  
 +void *xmalloc(size_t);
 +void *xrealloc(void *, size_t);