Codebase list alex4 / f4f6685
Harden the build unless "nohardening" is set. git-svn-id: file:///svn/pkg-games/packages/trunk/alex4@11866 8808ee5c-780a-0410-9abb-a8188df92ce5 Peter Pentchev 13 years ago
5 changed file(s) with 163 addition(s) and 1 deletion(s). Raw diff Collapse all Expand all
+1
-0
debian/changelog less more
2222 * Convert all patch file headers to the DEP 3 format.
2323 * Build with -Werror if the non-standard "werror" build option is set.
2424 * Add the compiler-warnings patch to fix some, well, compiler warnings.
25 * Harden the build unless the "nohardening" build option is set.
2526
2627 -- Peter Pentchev <roam@ringlet.net> Wed, 09 Mar 2011 14:14:04 +0200
2728
+1
-1
debian/control less more
22 Priority: optional
33 Maintainer: Debian Games Team <pkg-games-devel@lists.alioth.debian.org>
44 Uploaders: Peter De Wachter <pdewacht@gmail.com>
5 Build-Depends: debhelper (>= 8), dpkg-dev (>= 1.15.7~),
5 Build-Depends: debhelper (>= 8), dpkg-dev (>= 1.15.7~), hardening-includes,
66 liballegro4.2-dev (>= 2:4.2.2-2), libdumb1-dev, libaldmb1-dev
77 Standards-Version: 3.9.1
88 Homepage: http://allegator.sourceforge.net/
+154
-0
debian/patches/hardening.patch less more
0 Description: Harden the build.
1 - check the fread() and fwrite() return values
2 - swap a return and an fclose()
3 Forwarded: no
4 Author: Peter Pentchev <roam@ringlet.net>
5 Last-Update: 2011-03-07
6
7 --- a/src/map.c
8 +++ b/src/map.c
9 @@ -76,28 +76,30 @@
10 #endif
11 }
12
13 -static void fread_int(int *dest, FILE *fp)
14 +static int fread_int(int *dest, FILE *fp)
15 {
16 #if __BYTE_ORDER == __LITTLE_ENDIAN
17 - fread(dest, 4, 1, fp);
18 + return (fread(dest, 4, 1, fp));
19 #else
20 unsigned char buf[4];
21 - fread(buf, 1, 4, fp);
22 + if (fread(buf, 1, 4, fp) < 4)
23 + return (0);
24 mem_to_int(dest, buf);
25 + return (1);
26 #endif
27 }
28
29 -static void fwrite_int(const int *src, FILE *fp)
30 +static int fwrite_int(const int *src, FILE *fp)
31 {
32 #if __BYTE_ORDER == __LITTLE_ENDIAN
33 - fwrite(src, 4, 1, fp);
34 + return (fwrite(src, 4, 1, fp));
35 #else
36 unsigned char buf[4];
37 buf[0] = *src;
38 buf[1] = *src >> 8;
39 buf[2] = *src >> 16;
40 buf[3] = *src >> 24;
41 - fwrite(buf, 1, 4, fp);
42 + return (fwrite(buf, 1, 4, fp) == 4? 1: 0);
43 #endif
44 }
45
46 @@ -114,10 +116,13 @@
47 }
48
49 // does the header match?
50 - fread(header, 6, 1, fp);
51 + if (fread(header, 6, 1, fp) != 1) {
52 + fclose(fp);
53 + return (NULL);
54 + }
55 if (header[0] != 'A' && header[1] != 'X' && header[2] != '4' && header[3] != 'M' && header[4] != 'A' && header[5] != 'P') {
56 - return NULL;
57 fclose(fp);
58 + return NULL;
59 }
60
61 // get memory
62 @@ -132,24 +137,35 @@
63 // the code below reads these struct dumps in an arch neutral manner
64 // Note this dumps contains pointers, these are not used because these
65 // ofcourse point to some no longer valid address.
66 - fread(m, 64, 1, fp); // first 64 bytes data
67 - fread_int(&(m->width), fp);
68 - fread_int(&(m->height), fp);
69 - fread(header, 4, 1, fp); // skip the first pointer
70 - fread_int(&(m->offset_x), fp);
71 - fread_int(&(m->offset_y), fp);
72 - fread(header, 4, 1, fp); // skip the second pointer
73 - fread_int(&(m->start_x), fp);
74 - fread_int(&(m->start_y), fp);
75 + if (fread(m, 64, 1, fp) + // first 64 bytes data
76 + fread_int(&(m->width), fp) +
77 + fread_int(&(m->height), fp) +
78 + fread(header, 4, 1, fp) + // skip the first pointer
79 + fread_int(&(m->offset_x), fp) +
80 + fread_int(&(m->offset_y), fp) +
81 + fread(header, 4, 1, fp) + // skip the second pointer
82 + fread_int(&(m->start_x), fp) +
83 + fread_int(&(m->start_y), fp) != 9) {
84 + fclose(fp);
85 + free(m);
86 + return NULL;
87 + }
88
89 // read map data
90 m->dat = malloc(m->width * m->height * sizeof(Tmappos));
91 if (m->dat == NULL) {
92 + fclose(fp);
93 free(m);
94 return NULL;
95 }
96
97 - fread(m->dat, sizeof(Tmappos), m->width * m->height, fp);
98 + if (fread(m->dat, sizeof(Tmappos), m->width * m->height, fp) !=
99 + (size_t)m->width * m->height) {
100 + fclose(fp);
101 + free(m->dat);
102 + free(m);
103 + return NULL;
104 + }
105
106 // close file
107 fclose(fp);
108 @@ -228,24 +244,34 @@
109 if (fp == NULL) return FALSE;
110
111 // write header
112 - fwrite(header, 6, 1, fp);
113 + if (fwrite(header, 6, 1, fp) != 1) {
114 + fclose(fp);
115 + return FALSE;
116 + }
117
118 // write datastruct
119 // a mapfile should contain a raw dump of the Tmap struct as made on an
120 // i386 the code below writes a struct dump as an i386 in an arch
121 // neutral manner
122 - fwrite(m, 64, 1, fp); // first 64 bytes data
123 - fwrite_int(&(m->width), fp);
124 - fwrite_int(&(m->height), fp);
125 - fwrite(header, 4, 1, fp); // skip the first pointer
126 - fwrite_int(&(m->offset_x), fp);
127 - fwrite_int(&(m->offset_y), fp);
128 - fwrite(header, 4, 1, fp); // skip the second pointer
129 - fwrite_int(&(m->start_x), fp);
130 - fwrite_int(&(m->start_y), fp);
131 + if (fwrite(m, 64, 1, fp) + // first 64 bytes data
132 + fwrite_int(&(m->width), fp) +
133 + fwrite_int(&(m->height), fp) +
134 + fwrite(header, 4, 1, fp) + // skip the first pointer
135 + fwrite_int(&(m->offset_x), fp) +
136 + fwrite_int(&(m->offset_y), fp) +
137 + fwrite(header, 4, 1, fp) + // skip the second pointer
138 + fwrite_int(&(m->start_x), fp) +
139 + fwrite_int(&(m->start_y), fp) != 9) {
140 + fclose(fp);
141 + return (FALSE);
142 + }
143
144 // write map data
145 - fwrite(m->dat, sizeof(Tmappos), m->width * m->height, fp);
146 + if (fwrite(m->dat, sizeof(Tmappos), m->width * m->height, fp) !=
147 + (size_t)m->width * m->height) {
148 + fclose(fp);
149 + return (FALSE);
150 + }
151
152 // close file
153 fclose(fp);
+1
-0
debian/patches/series less more
33 allegro-4.2.patch
44 fsf-address.patch
55 compiler-warnings.patch
6 hardening.patch
+6
-0
debian/rules less more
1414 CFLAGS+= -Werror
1515 endif
1616
17 include /usr/share/hardening-includes/hardening.make
18 ifeq (,$(filter nohardening,$(DEB_BUILD_OPTIONS)))
19 CFLAGS+= $(HARDENING_CFLAGS)
20 LDFLAGS+= $(HARDENING_LDFLAGS)
21 endif
22
1723 export CPPFLAGS CFLAGS LDFLAGS
1824
1925 override_dh_auto_build: