[SCM] BOINC packaging branch, master, updated. debian/7.0.33+dfsg-1-30-gaa1b4eb

Sun Sep 2 09:04:37 UTC 2012

The following commit has been merged in the master branch:
commit aa1b4eb5ac7373934be8d75bd0f92960a7973267
Author: Steffen Moeller <steffen_moeller at gmx.de>
Date:   Sun Sep 2 11:03:51 2012 +0200

    Addressing upstream ticket 1168.

diff --git a/debian/changelog b/debian/changelog
index 042df8f..41ab6cf 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+boinc (7.0.34+dfsg-6) UNRELEASED; urgency=low
+
+  * Fixing upstream bug 
+    https://boinc.berkeley.edu/trac/ticket/1168
+    on dir_scan usage.
+
+ -- Steffen Moeller <moeller at debian.org>  Sun, 02 Sep 2012 11:04:19 +0200
+
 boinc (7.0.34+dfsg-5) UNRELEASED; urgency=low
 
   * Added better error messages for opendir() failures
diff --git a/debian/patches/series b/debian/patches/series
index 7a49d50..453253e 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -70,3 +70,4 @@ slot_dir_source_trace.patch
 ignored_return_value.patch
 cppcheck_avoid_redundant_check.patch
 opendir_errno.patch
+ticket_1168_verifycerts.patch
diff --git a/debian/patches/ticket_1168_verifycerts.patch b/debian/patches/ticket_1168_verifycerts.patch
new file mode 100644
index 0000000..5454e77
--- /dev/null
+++ b/debian/patches/ticket_1168_verifycerts.patch
@@ -0,0 +1,52 @@
+Index: boinc/client/cs_files.cpp
+===================================================================
+--- boinc.orig/client/cs_files.cpp	2012-08-30 21:03:35.490956131 +0200
++++ boinc/client/cs_files.cpp	2012-09-02 10:40:36.478032727 +0200
+@@ -90,12 +90,12 @@
+ // Is app signed by one of the Application Certifiers?
+ //
+ bool FILE_INFO::verify_file_certs() {
+-    char file[256];
++    char file[MAXPATHLEN];
+     bool retval = false;
+ 
+     if (!is_dir(CERTIFICATE_DIRECTORY)) return false;
+     DIRREF dir = dir_open(CERTIFICATE_DIRECTORY);
+-    while (dir_scan(file, dir, sizeof(file))) {
++    while (!dir_scan(file, dir, sizeof(file))) {
+         if (cert_verify_file(cert_sigs, file, CERTIFICATE_DIRECTORY)) {
+             msg_printf(project, MSG_INFO,
+                 "Signature verified using certificate %s", file
+@@ -156,7 +156,7 @@
+ int FILE_INFO::verify_file(
+     bool verify_contents, bool show_errors, bool allow_async
+ ) {
+-    char cksum[64], pathname[256];
++    char cksum[64], pathname[MAXPATHLEN];
+     bool verified;
+     int retval;
+     double size, local_nbytes;
+@@ -177,7 +177,9 @@
+     //
+     if (download_gzipped && !boinc_file_exists(pathname)) {
+         char gzpath[MAXPATHLEN];
+-        sprintf(gzpath, "%s.gz", pathname);
++        snprintf(gzpath, sizeof(gzpath), "%s.gz", pathname);
++	//FIXME: a distinction is missing for the case that the .gz suffix goes beyond the MAXPATHLEN and is hence not found because
++	//       one should then not reperform the download as intended below
+         if (boinc_file_exists(gzpath) ) {
+ 			if (allow_async && nbytes > ASYNC_FILE_THRESHOLD) {
+ 				ASYNC_VERIFY* avp = new ASYNC_VERIFY;
+Index: boinc/lib/crypt.cpp
+===================================================================
+--- boinc.orig/lib/crypt.cpp	2012-09-02 10:27:39.420339596 +0200
++++ boinc/lib/crypt.cpp	2012-09-02 10:42:50.568254414 +0200
+@@ -604,7 +604,7 @@
+     DIRREF dir = dir_open(certPath);
+ 
+     char file[MAXPATHLEN];
+-    while (dir_scan(file, dir, sizeof(file))) {
++    while (!dir_scan(file, dir, sizeof(file))) {
+         char fpath[MAXPATHLEN];
+ 	    snprintf(fpath, sizeof(fpath), "%s/%s", certPath, file);
+         // TODO : replace '128'  

-- 
BOINC packaging

