sync/ports
1
0
Fork 0
mirror of https://git.freebsd.org/ports.git synced 2025-05-30 09:56:43 -04:00
Code Issues Projects Releases Packages Wiki Activity Actions

security/gvm: Fix issues with newer version of glib2/pcre2

Browse source 
PR:		267429
Reported by:	freebsd _at_ ny-central.org, andrew _at_ tekrealm.net
Obtained from:	https://github.com/greenbone/gvmd/pull/1867/files
This commit is contained in:
Jose Alonso Cardenas Marquez 2022-10-30 18:01:31 -05:00
parent 56fcffd865
commit db1cf95d31
11 changed files with 172 additions and 14 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
security/gsad/Makefile
View file

@ -1,6 +1,7 @@
PORTNAME= gsad PORTNAME= gsad
DISTVERSIONPREFIX= v DISTVERSIONPREFIX= v
DISTVERSION= 22.4.0 DISTVERSION= 22.4.0
PORTREVISION= 1
CATEGORIES= security CATEGORIES= security
MAINTAINER= acm@FreeBSD.org MAINTAINER= acm@FreeBSD.org

51
security/gsad/files/patch-src_gsad.c Normal file
View file

@ -0,0 +1,51 @@
--- src/gsad.c 2022-10-30 17:54:07.766381000 -0500
+++ src/gsad.c 2022-10-30 17:57:38.383048000 -0500
@@ -480,7 +480,7 @@
gvm_validator_add (validator, "asset_name", "(?s)^.*$");
gvm_validator_add (validator, "asset_type", "^(host|os)$");
gvm_validator_add (validator, "asset_id",
- "^([[:alnum:]-_.:\\/~()']|&)+$");
+ "^([[:alnum:]\\-_.:\\/~()']|&)+$");
gvm_validator_add (validator, "auth_algorithm", "^(md5|sha1)$");
gvm_validator_add (validator, "auth_method", "^(0|1|2)$");
/* Defined in RFC 2253. */
@@ -595,7 +595,7 @@
gvm_validator_add (validator, "list_fname",
"^([[:alnum:]_-]|%[%CcDFMmNTtUu])+$");
/* Used for users, credentials, and scanner login name. */
- gvm_validator_add (validator, "login", "^[[:alnum:]-_@.]+$");
+ gvm_validator_add (validator, "login", "^[[:alnum:]\\-_@.]+$");
gvm_validator_add (validator, "lsc_password", "^.*$");
gvm_validator_add (validator, "max_result", "^[0-9]+$");
gvm_validator_add (validator, "max_groups", "^-?[0-9]+$");
@@ -605,10 +605,10 @@
gvm_validator_add (validator, "note_required", "(?s)^(.)+$");
gvm_validator_add (validator, "note_id", "^[a-z0-9\\-]+$");
gvm_validator_add (validator, "override_id", "^[a-z0-9\\-]+$");
- gvm_validator_add (validator, "name", "^[#-_[:alnum:], \\./]*$");
+ gvm_validator_add (validator, "name", "^[#\\-_[:alnum:], \\./]*$");
gvm_validator_add (validator, "info_name", "(?s)^.*$");
gvm_validator_add (validator, "info_type", "(?s)^.*$");
- gvm_validator_add (validator, "info_id", "^([[:alnum:]-_.:\\/~()']|&)+$");
+ gvm_validator_add (validator, "info_id", "^([[:alnum:]\\-_.:\\/~()']|&)+$");
gvm_validator_add (validator, "details", "^[0-1]$");
/* Number is special cased in params_mhd_validate to remove the space. */
gvm_validator_add (validator, "number", "^ *[0-9]+ *$");
@@ -660,7 +660,7 @@
"filter|group|host|info|nvt|note|os|ovaldef|override|permission|port_list|"
"report|report_format|result|role|scanner|schedule|tag|target|task|ticket|"
"tls_certificate|user|vuln|)$");
- gvm_validator_add (validator, "resource_id", "^[[:alnum:]-_.:\\/~]*$");
+ gvm_validator_add (validator, "resource_id", "^[[:alnum:]\\-_.:\\/~]*$");
gvm_validator_add (validator, "resources_action", "^(|add|set|remove)$");
gvm_validator_add (
validator, "optional_resource_type",
@@ -719,7 +719,7 @@
gvm_validator_add (validator, "uuid", "^[0-9abcdefABCDEF\\-]{1,40}$");
gvm_validator_add (validator, "usage_type", "^(audit|policy|scan|)$");
/* This must be "login" with space and comma. */
- gvm_validator_add (validator, "users", "^[[:alnum:]-_@., ]*$");
+ gvm_validator_add (validator, "users", "^[[:alnum:]\\-_@., ]*$");
gvm_validator_add (validator, "x_field", "^[\\[\\]_[:alnum:]]+$");
gvm_validator_add (validator, "y_fields:name", "^[0-9]+$");
gvm_validator_add (validator, "y_fields:value", "^[\\[\\]_[:alnum:]]+$");

2
security/gvm/Makefile
View file

@ -1,6 +1,6 @@
PORTNAME= gvm PORTNAME= gvm
PORTVERSION= 22.4.0 PORTVERSION= 22.4.0
PORTREVISION= 3 PORTREVISION= 4
CATEGORIES= security CATEGORIES= security
MAINTAINER= acm@FreeBSD.org MAINTAINER= acm@FreeBSD.org

5
security/gvmd/Makefile
View file

@ -1,6 +1,6 @@
PORTNAME= gvmd PORTNAME= gvmd
DISTVERSION= 22.4.0 DISTVERSION= 22.4.0
PORTREVISION= 1 PORTREVISION= 2
DISTVERSIONPREFIX= v DISTVERSIONPREFIX= v
CATEGORIES= security CATEGORIES= security
@ -50,8 +50,7 @@ post-patch:
${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' ${WRKSRC}/src/manage_sql.c ${REINPLACE_CMD} -e 's|%%LOCALBASE%%|${LOCALBASE}|g' ${WRKSRC}/src/manage_sql.c
${REINPLACE_CMD} -e 's|+660|660|g' ${WRKSRC}/tools/greenbone-feed-sync.in ${REINPLACE_CMD} -e 's|+660|660|g' ${WRKSRC}/tools/greenbone-feed-sync.in
${REINPLACE_CMD} -e 's|#include <bsd/unistd.h>||g' ${WRKSRC}/src/manage.c \ ${REINPLACE_CMD} -e 's|#include <bsd/unistd.h>||g' ${WRKSRC}/src/manage.c \
${WRKSRC}/src/gvmd.c ${WRKSRC}/src/manage_sql_secinfo.c \ ${WRKSRC}/src/gvmd.c ${WRKSRC}/src/manage_sql_secinfo.c
${WRKSRC}/src/manage_sql.c ${WRKSRC}/src/manage_sql_report_formats.c
post-install: post-install:
@${MKDIR} ${STAGEDIR}/var/lib/gvm/gvmd/gnupg @${MKDIR} ${STAGEDIR}/var/lib/gvm/gvmd/gnupg

15
security/gvmd/files/patch-src_manage.c
View file

@ -1,6 +1,6 @@
--- src/manage.c 2020-12-31 17:01:32.913198000 -0500 --- src/manage.c 2022-07-21 02:20:24.000000000 -0500
+++ src/manage.c 2020-12-31 17:01:47.001860000 -0500 +++ src/manage.c 2022-10-30 17:41:24.914386000 -0500
@@ -75,6 +75,7 @@ @@ -76,6 +76,7 @@
#include <sys/file.h> #include <sys/file.h>
#include <sys/stat.h> #include <sys/stat.h>
#include <sys/types.h> #include <sys/types.h>
@ -8,3 +8,12 @@
#include <sys/wait.h> #include <sys/wait.h>
#include <time.h> #include <time.h>
#include <unistd.h> #include <unistd.h>
@@ -5952,7 +5953,7 @@
int
validate_username (const gchar * name)
{
- if (g_regex_match_simple ("^[[:alnum:]-_.]+$", name, 0, 0))
+ if (g_regex_match_simple ("^[[:alnum:]_.-]+$", name, 0, 0))
return 0;
else
return 1;

11
security/gvmd/files/patch-src_manage_configs.c Normal file
View file

@ -0,0 +1,11 @@
--- src/manage_configs.c 2022-10-30 17:15:56.559846000 -0500
+++ src/manage_configs.c 2022-10-30 17:17:03.298223000 -0500
@@ -316,7 +316,7 @@
split = g_regex_split_simple
(/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */
- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$",
+ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$",
path, 0, 0);
if (split == NULL || g_strv_length (split) != 7)

11
security/gvmd/files/patch-src_manage_port_lists.c Normal file
View file

@ -0,0 +1,11 @@
--- src/manage_port_lists.c 2022-10-30 17:18:04.068398000 -0500
+++ src/manage_port_lists.c 2022-10-30 17:18:35.850793000 -0500
@@ -252,7 +252,7 @@
split = g_regex_split_simple
(/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */
- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$",
+ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$",
path, 0, 0);
if (split == NULL || g_strv_length (split) != 7)

11
security/gvmd/files/patch-src_manage_report_formats.c Normal file
View file

@ -0,0 +1,11 @@
--- src/manage_report_formats.c 2022-10-30 17:19:27.476854000 -0500
+++ src/manage_report_formats.c 2022-10-30 17:19:55.531658000 -0500
@@ -612,7 +612,7 @@
split = g_regex_split_simple
(/* Full-and-Fast--daba56c8-73ec-11df-a475-002264764cea.xml */
- "^.*([0-9a-f]{8})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{4})-([0-9a-f]{12}).xml$",
+ "^.*([0-9a-f]{8})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{4})\\-([0-9a-f]{12}).xml$",
path, 0, 0);
if (split == NULL || g_strv_length (split) != 7)

47
security/gvmd/files/patch-src_manage_sql.c
View file

@ -1,6 +1,6 @@
--- src/manage_sql.c 2021-04-16 02:27:18.000000000 -0500 --- src/manage_sql.c 2022-07-21 02:20:24.000000000 -0500
+++ src/manage_sql.c 2021-06-14 19:33:56.599632000 -0500 +++ src/manage_sql.c 2022-10-30 17:32:08.342879000 -0500
@@ -52,7 +52,6 @@ @@ -54,7 +54,6 @@
#include <errno.h> #include <errno.h>
#include <glib/gstdio.h> #include <glib/gstdio.h>
#include <gnutls/x509.h> #include <gnutls/x509.h>
@ -8,7 +8,24 @@
#include <pwd.h> #include <pwd.h>
#include <stdlib.h> #include <stdlib.h>
#include <sys/socket.h> #include <sys/socket.h>
@@ -9075,7 +9074,7 @@ @@ -71,7 +70,6 @@
#include <gvm/base/hosts.h>
#include <gvm/base/pwpolicy.h>
#include <gvm/base/logging.h>
-#include <bsd/unistd.h>
#include <gvm/util/fileutils.h>
#include <gvm/util/gpgmeutils.h>
#include <gvm/util/serverutils.h>
@@ -6997,7 +6995,7 @@
if (strcmp (name, "tp_sms_hostname") == 0)
{
- if (g_regex_match_simple ("^[0-9A-Za-z][0-9A-Za-z.-]*$",
+ if (g_regex_match_simple ("^[0-9A-Za-z][0-9A-Za-z.\\-]*$",
*data, 0, 0)
== FALSE)
{
@@ -9122,7 +9120,7 @@
g_debug (" HTTP_GET %s", url); g_debug (" HTTP_GET %s", url);
cmd = (gchar **) g_malloc (5 * sizeof (gchar *)); cmd = (gchar **) g_malloc (5 * sizeof (gchar *));
@ -17,7 +34,7 @@
cmd[1] = g_strdup ("-O"); cmd[1] = g_strdup ("-O");
cmd[2] = g_strdup ("-"); cmd[2] = g_strdup ("-");
cmd[3] = g_strdup (url); cmd[3] = g_strdup (url);
@@ -15262,8 +15261,6 @@ @@ -15349,8 +15347,6 @@
} }
cleanup_iterator (&nvts); cleanup_iterator (&nvts);
@ -26,3 +43,23 @@
} }
/** /**
@@ -49740,8 +49736,8 @@
*/
languages_regex
= g_regex_new ("^(Browser Language|"
- "([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_-]+)?"
- "(:([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_-]+)?)*)$",
+ "([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_\\-]+)?"
+ "(:([a-z]{2,3})(_[A-Z]{2})?(@[[:alnum:]_\\-]+)?)*)$",
0, 0, NULL);
match = g_regex_match (languages_regex, value, 0, NULL);
g_regex_unref (languages_regex);
@@ -50309,7 +50305,7 @@
if (strcmp (uuid, SETTING_UUID_LSC_DEB_MAINTAINER) == 0)
{
if (g_regex_match_simple
- ("^([[:alnum:]-_]*@[[:alnum:]-_][[:alnum:]-_.]*)?$",
+ ("^([[:alnum:]\\-_]*@[[:alnum:]\\-_][[:alnum:]\\-_.]*)?$",
value, 0, 0) == FALSE)
return 1;
}

19
security/gvmd/files/patch-src_manage_sql_report_formats.c Normal file
View file

@ -0,0 +1,19 @@
--- src/manage_sql_report_formats.c 2022-07-21 02:20:24.000000000 -0500
+++ src/manage_sql_report_formats.c 2022-10-30 17:34:50.896890000 -0500
@@ -45,7 +45,6 @@
#include <unistd.h>
#include <gvm/base/gvm_sentry.h>
-#include <bsd/unistd.h>
#include <gvm/util/uuidutils.h>
#include <gvm/util/fileutils.h>
@@ -2472,7 +2471,7 @@
case REPORT_FORMAT_PARAM_TYPE_REPORT_FORMAT_LIST:
{
if (g_regex_match_simple
- ("^(?:[[:alnum:]-_]+)?(?:,(?:[[:alnum:]-_])+)*$", value, 0, 0)
+ ("^(?:[[:alnum:]\\-_]+)?(?:,(?:[[:alnum:]\\-_])+)*$", value, 0, 0)
== FALSE)
return 1;
else

13
security/gvmd/files/patch-src_utils.c
View file

@ -1,5 +1,5 @@
--- src/utils.c 2020-12-31 16:52:50.534962000 -0500 --- src/utils.c 2022-07-21 02:20:24.000000000 -0500
+++ src/utils.c 2020-12-31 16:52:59.759527000 -0500 +++ src/utils.c 2022-10-30 17:36:49.935808000 -0500
@@ -34,7 +34,7 @@ @@ -34,7 +34,7 @@
/** /**
* @brief Needed for nanosleep. * @brief Needed for nanosleep.
@ -9,3 +9,12 @@
#include "utils.h" #include "utils.h"
@@ -339,7 +339,7 @@
epoch_time = 0;
if (regex == NULL)
- regex = g_regex_new ("^([0-9]{4}-[0-9]{2}-[0-9]{2})"
+ regex = g_regex_new ("^([0-9]{4}\\-[0-9]{2}\\-[0-9]{2})"
"[T ]([0-9]{2}:[0-9]{2})"
"(:[0-9]{2})?(?:\\.[0-9]+)?"
"(Z|[+-][0-9]{2}:?[0-9]{2})?$",