Fix read-from-NULL-pointer crashes when command line option arguments

are missing from long options --syslog-tag, --timestamp-date, or --db-cachesize (the short option equivalents were unaffected); or when BOGODIR/BOGOFILTER_HOME/HOME environment variables are all three missing when running bogotune. (This is all under the invoking user's control and not believed to be security relevant.) Reported by Alexandre Rebert, found within the Mayhem project he is with. Obtained from: http://svn.code.sf.net/p/bogofilter/code/trunk
2013-07-01 06:26:49 +00:00
parent 9785389fb4
commit 0d5d668fd7
7 changed files with 50 additions and 3 deletions
--- a/mail/bogofilter-sqlite/Makefile
+++ b/mail/bogofilter-sqlite/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	bogofilter
-PORTREVISION=	0
+PORTREVISION=	1
 CATEGORIES=	mail
 PKGNAMESUFFIX=	-sqlite

--- a/mail/bogofilter-tc/Makefile
+++ b/mail/bogofilter-tc/Makefile
@@ -2,7 +2,7 @@
 # $FreeBSD$

 PORTNAME=	bogofilter
-PORTREVISION=	0
+PORTREVISION=	1
 CATEGORIES=	mail
 PKGNAMESUFFIX=	-tc

--- a/mail/bogofilter/Makefile
+++ b/mail/bogofilter/Makefile
@@ -3,7 +3,7 @@

 PORTNAME=	bogofilter
 PORTVERSION=	1.2.3
-PORTREVISION?=	0
+PORTREVISION?=	1
 CATEGORIES?=	mail
 MASTER_SITES=	SF/bogofilter/bogofilter-current/bogofilter-${PORTVERSION}

--- a/mail/bogofilter/files/patch-SVNr6989
+++ b/mail/bogofilter/files/patch-SVNr6989
@@ -0,0 +1,11 @@
+--- src/bogoconfig.c	(Revision 6988)
+++ src/bogoconfig.c	(Revision 6989)
+@@ -102,7 +102,7 @@
+     LONGOPTIONS_DB
+     /* bogofilter specific options */
+     { "classify-files",			N, 0, 'B' },
+-    { "syslog-tag",			N, 0, 'L' },
+    { "syslog-tag",			R, 0, 'L' },
+     { "classify-mbox",			N, 0, 'M' },
+     { "unregister-nonspam",		N, 0, 'N' },
+     { "dataframe",			N, 0, 'R' },
--- a/mail/bogofilter/files/patch-SVNr6990
+++ b/mail/bogofilter/files/patch-SVNr6990
@@ -0,0 +1,14 @@
+--- src/bogotune.c	(Revision 6989)
+++ src/bogotune.c	(Revision 6990)
+@@ -1852,6 +1852,11 @@
+ 	if (ds_path == NULL)
+ 	    ds_path = get_directory(PR_ENV_HOME);
+ 
+	if (ds_path == NULL) {
+	    fprintf(stderr, "Cannot derive bogofilter directory from environment, aborting.\n");
+	    exit(EX_ERROR);
+	}
+
+ 	set_bogohome(ds_path);
+ 	bfp = bfpath_create(ds_path);
+ 
--- a/mail/bogofilter/files/patch-SVNr6991
+++ b/mail/bogofilter/files/patch-SVNr6991
@@ -0,0 +1,11 @@
+--- src/longoptions.h	(Revision 6990)
+++ src/longoptions.h	(Revision 6991)
+@@ -133,7 +133,7 @@
+ 
+ #define LONGOPTIONS_DB \
+     { "db-transaction",			R, 0, O_DB_TRANSACTION }, \
+-    { "timestamp-date",			N, 0, 'y' }, \
+    { "timestamp-date",			R, 0, 'y' }, \
+     lo1 lo2
+ 
+ #endif
--- a/mail/bogofilter/files/patch-SVNr6993-minimal
+++ b/mail/bogofilter/files/patch-SVNr6993-minimal
@@ -0,0 +1,11 @@
+--- src/bogoconfig.c	(Revision 6992)
+++ src/bogoconfig.c	(Revision 6993)
+@@ -121,7 +121,7 @@
+     { "debug-to-stdout",		N, 0, 'D' },
+     { "no-header-tags",			N, 0, 'H' },
+     { "query",				N, 0, 'Q' },
+-    { "db-cachesize",			N, 0, 'k' },
+    { "db-cachesize",			R, 0, 'k' },
+     { "ns-esf",				R, 0, O_NS_ESF },
+     { "sp-esf",				R, 0, O_SP_ESF },
+     { "ham-cutoff",			R, 0, O_HAM_CUTOFF },