Security fix for CVE-2013-6825, DCMTK Root Privilege escalation

ok sthen@

graphics/dcmtk/Makefile

@@ -1,9 +1,9 @@
-# $OpenBSD: Makefile,v 1.14 2014/04/24 20:33:43 jca Exp $
+# $OpenBSD: Makefile,v 1.15 2014/06/04 13:15:17 jasper Exp $
 
 COMMENT=		DICOM toolkit
 
 DISTNAME=		dcmtk-3.5.4
-REVISION=		3
+REVISION=		4
 
 CATEGORIES=		graphics
 

graphics/dcmtk/patches/patch-dcmnet_apps_movescu_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmnet_apps_movescu_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmnet/apps/movescu.cc.orig	Thu Dec  8 16:44:20 2005
++++ dcmnet/apps/movescu.cc	Wed Jun  4 13:29:57 2014
+@@ -646,7 +646,10 @@ main(int argc, char *argv[])
+    * root, and run by another user.  Running as root user may be
+    * potentially disasterous if this program screws up badly.
+    */
+-    setuid(getuid());
++   if ( setuid(getuid()) != 0 ){
++      CERR << "Failed to drop privileges";
++      return -1;
++   }
+ #endif
+ 
+     /* set up main association */

graphics/dcmtk/patches/patch-dcmnet_apps_storescp_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmnet_apps_storescp_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmnet/apps/storescp.cc.orig	Mon Dec 19 11:31:12 2005
++++ dcmnet/apps/storescp.cc	Wed Jun  4 13:29:21 2014
+@@ -997,7 +997,10 @@ int main(int argc, char *argv[])
+    * root, and run by another user.  Running as root user may be
+    * potentially disasterous if this program screws up badly.
+    */
+-  setuid(getuid());
++   if ( setuid(getuid()) != 0 ){
++      CERR << "Failed to drop privileges";
++      return -1;
++   }
+ #endif
+ 
+ #ifdef WITH_OPENSSL

graphics/dcmtk/patches/patch-dcmpstat_apps_dcmprscp_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmpstat_apps_dcmprscp_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmpstat/apps/dcmprscp.cc.orig	Thu Dec  8 16:46:05 2005
++++ dcmpstat/apps/dcmprscp.cc	Wed Jun  4 13:30:31 2014
+@@ -500,7 +500,10 @@ int main(int argc, char *argv[])
+      * and run by another user.  Running as root user may be
+      * potentially disasterous if this program screws up badly.
+      */
+-    setuid(getuid());
++    if ( setuid(getuid()) != 0){
++      CERR << "Failed to drop privileges";
++      return -1;
++    }
+ #endif
+ 
+ #ifdef HAVE_FORK

graphics/dcmtk/patches/patch-dcmpstat_apps_dcmpsrcv_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmpstat_apps_dcmpsrcv_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmpstat/apps/dcmpsrcv.cc.orig	Thu Dec  8 16:46:10 2005
++++ dcmpstat/apps/dcmpsrcv.cc	Wed Jun  4 13:30:56 2014
+@@ -1295,7 +1295,10 @@ int main(int argc, char *argv[])
+        * and run by another user.  Running as root user may be
+        * potentially disasterous if this program screws up badly.
+        */
+-      setuid(getuid());
++      if( setuid(getuid()) != 0){
++        CERR << "Failed to drop privileges"; 
++        return -1;
++      }
+ #endif
+ 
+ #ifdef HAVE_FORK

graphics/dcmtk/patches/patch-dcmpstat_tests_msgserv_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmpstat_tests_msgserv_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmpstat/tests/msgserv.cc.orig	Wed Dec 14 18:43:42 2005
++++ dcmpstat/tests/msgserv.cc	Wed Jun  4 13:31:17 2014
+@@ -210,7 +210,10 @@ int main(int argc, char *argv[])
+        * and run by another user.  Running as root user may be
+        * potentially disasterous if this program screws up badly.
+        */
+-      setuid(getuid());
++     if( setuid(getuid()) != 0){
++        CERR << "Failed to drop privileges";
++        return -1;
++     }
+ #endif
+ 
+     fd_set fdset;

graphics/dcmtk/patches/patch-dcmqrdb_apps_dcmqrscp_cc

@@ -0,0 +1,19 @@
+$OpenBSD: patch-dcmqrdb_apps_dcmqrscp_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmqrdb/apps/dcmqrscp.cc.orig	Fri Dec 16 13:39:13 2005
++++ dcmqrdb/apps/dcmqrscp.cc	Wed Jun  4 13:31:35 2014
+@@ -598,7 +598,10 @@ main(int argc, char *argv[])
+      * and run by another user.  Running as root user may be
+      * potentially disasterous if this program screws up badly.
+      */
+-    setuid(getuid());
++    if( setuid(getuid()) != 0){
++       CERR << "Failed to drop privileges";
++       return -1;
++    }
+ #endif
+ 
+ #if defined(HAVE_GETGRNAM) && defined(HAVE_GETPWNAM) && defined(HAVE_SETUID)

graphics/dcmtk/patches/patch-dcmwlm_libsrc_wlmactmg_cc

@@ -0,0 +1,20 @@
+$OpenBSD: patch-dcmwlm_libsrc_wlmactmg_cc,v 1.1 2014/06/04 13:15:17 jasper Exp $
+
+Security fix for CVE-2013-6825, DCMTK Root Privilege escalation
+http://hmarco.org/bugs/dcmtk-3.6.1-privilege-escalation.html
+
+--- dcmwlm/libsrc/wlmactmg.cc.orig	Thu Dec  8 16:48:35 2005
++++ dcmwlm/libsrc/wlmactmg.cc	Wed Jun  4 13:43:34 2014
+@@ -226,7 +226,11 @@ OFCondition WlmActivityManager::StartProvidingService(
+   // things go very wrong. Only works if the program is setuid root,
+   // and run by another user. Running as root user may be
+   // potentially disasterous if this program screws up badly.
+-  setuid( getuid() );
++  if( setuid(getuid()) != 0 ){
++     sprintf( msg, "Failed to drop privileges\n" );
++     DumpMessage( msg );
++     return( WLM_ECC_InsufficientPortPrivileges );
++  }
+ #endif
+ 
+   // If we get to this point, the entire initialization process has been completed