security, bump to chora-1.2p1, check diff inputs

2004-06-12 19:18:36 +00:00 · 2004-06-12 19:18:36 +00:00 · ac8a598f19
commit ac8a598f19
parent 9780f2be84
3 changed files with 35 additions and 1 deletions
--- a/devel/chora/Makefile
+++ b/devel/chora/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.6 2004/02/03 07:20:43 sturm Exp $ 
+# $OpenBSD: Makefile,v 1.7 2004/06/12 19:18:36 avsm Exp $ 

 COMMENT=	"web-based CVS viewer module for Horde"

@ -7,6 +7,7 @@ HORDE_MODULE=	chora
 HORDE_NAME=	Chora

 DISTNAME=	${HORDE_MODULE}-${V}
+PKGNAME=	${DISTNAME}p1
 CATEGORIES=	devel www
 HOMEPAGE=	http://www.horde.org/${HORDE_MODULE}/

@ -28,6 +29,7 @@ EXTRACT_ONLY=
 PREFIX=		/var/www
 INSTDIR=	${PREFIX}/horde
 SUBST_VARS=	INSTDIR HORDE_NAME HORDE_MODULE
+PATCH_LIST=	

 RUN_DEPENDS=	:horde->=2.2.1:devel/horde

@ -37,5 +39,7 @@ pre-fake:
 do-install:
 	@cd ${INSTDIR} && tar zxf ${FULLDISTDIR}/${DISTNAME}${EXTRACT_SUFX}
 	@mv ${INSTDIR}/${HORDE_MODULE}-${V} ${INSTDIR}/${HORDE_MODULE}
+	@cd ${INSTDIR}/${HORDE_MODULE} && ${PATCH} -s < ${PATCHDIR}/patch-diff.php \
+	&& ${PATCH} -s < ${PATCHDIR}/patch-lib_CVSLib_Diff.php

 .include <bsd.port.mk>
--- a/devel/chora/patches/patch-diff.php
+++ b/devel/chora/patches/patch-diff.php
@ -0,0 +1,13 @@
+$OpenBSD: patch-diff.php,v 1.1 2004/06/12 19:18:36 avsm Exp $
+===================================================================
+--- diff.php	2004/03/26 22:43:22	1.43.2.14
+++ diff.php	2004/06/12 14:06:20	1.43.2.15
+@@ -23,7 +23,7 @@ if (!$r1) $r1 = Horde::getFormData('tr1'
+ if (!$r2) $r2 = Horde::getFormData('tr2');
+
+ /* If no context-size has been specified, default to 3. */
+-$num = Horde::getFormData('num', 3);
+$num = (int)Horde::getFormData('num', 3);
+
+ /* If no type has been specified, then default to human readable. */
+ $ty = Horde::getFormData('ty', 'h');
--- a/devel/chora/patches/patch-lib_CVSLib_Diff.php
+++ b/devel/chora/patches/patch-lib_CVSLib_Diff.php
@ -0,0 +1,17 @@
+$OpenBSD: patch-lib_CVSLib_Diff.php,v 1.1 2004/06/12 19:18:36 avsm Exp $
+===================================================================
+--- lib/CVSLib/Diff.php	2002/12/28 18:54:02	1.18.2.4
+++ lib/CVSLib/Diff.php	2004/06/12 14:06:20	1.18.2.5
+@@ -56,10 +56,10 @@ class CVSLib_Diff {
+         }
+         switch ($type) {
+         case CVSLIB_DIFF_CONTEXT:
+-            $options = $opts . '-p --context=' . $num;
+            $options = $opts . '-p --context=' . (int)$num;
+             break;
+         case CVSLIB_DIFF_UNIFIED:
+-            $options = $opts . '-p --unified=' . $num;
+            $options = $opts . '-p --unified=' . (int)$num;
+             break;
+         case CVSLIB_DIFF_COLUMN:
+             $options = $opts . '--side-by-side --width=120';