

CVS commit: pkgsrc/sysutils



Module Name:    pkgsrc
Committed By:   mlelstv
Date:           Tue Jan 13 21:01:59 UTC 2026

Modified Files:
        pkgsrc/sysutils/amanda-client: Makefile
        pkgsrc/sysutils/amanda-common: distinfo
        pkgsrc/sysutils/amanda-common/patches: patch-client-src_runtar.c

Log Message:
Replace broken security patch for runtar.c with backport from
current amanda version.

Fixes PR 59874.


To generate a diff of this commit:
cvs rdiff -u -r1.73 -r1.74 pkgsrc/sysutils/amanda-client/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/sysutils/amanda-common/distinfo
cvs rdiff -u -r1.1 -r1.2 \
    pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/sysutils/amanda-client/Makefile
diff -u pkgsrc/sysutils/amanda-client/Makefile:1.73 pkgsrc/sysutils/amanda-client/Makefile:1.74
--- pkgsrc/sysutils/amanda-client/Makefile:1.73 Thu Oct 23 20:39:13 2025
+++ pkgsrc/sysutils/amanda-client/Makefile      Tue Jan 13 21:01:58 2026
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.73 2025/10/23 20:39:13 wiz Exp $
+# $NetBSD: Makefile,v 1.74 2026/01/13 21:01:58 mlelstv Exp $
 #
 
 PKGNAME=               amanda-client-${AMANDA_VERSION}
-PKGREVISION=           8
+PKGREVISION=           9
 
 COMMENT=               Client part of Amanda, a network backup system
 

Index: pkgsrc/sysutils/amanda-common/distinfo
diff -u pkgsrc/sysutils/amanda-common/distinfo:1.27 pkgsrc/sysutils/amanda-common/distinfo:1.28
--- pkgsrc/sysutils/amanda-common/distinfo:1.27 Fri Oct 17 07:55:17 2025
+++ pkgsrc/sysutils/amanda-common/distinfo      Tue Jan 13 21:01:58 2026
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.27 2025/10/17 07:55:17 kikadf Exp $
+$NetBSD: distinfo,v 1.28 2026/01/13 21:01:58 mlelstv Exp $
 
 BLAKE2s (amanda-3.3.9.tar.gz) = 2177c4b698edf1c9a7c8328a3423a7f75321e922107b54cac4d6823e91d855bc
 SHA512 (amanda-3.3.9.tar.gz) = 345670a20cff335453e8dcbf457d1fcdb9f266e4a03d729c2b1ba762f4fac323de4a87713d0fd54c11ca244a08dc97fb8c641625f7fa81cb241b3c17748b1b7e
@@ -10,7 +10,7 @@ SHA1 (patch-client-src_Makefile.am) = 64
 SHA1 (patch-client-src_calcsize.c) = 1a0f802d14d854de12cffd08d4fa88b6085a887d
 SHA1 (patch-client-src_getfsent.c) = 903a921b8679ddcff1fdd838ffdce16a6d8da46f
 SHA1 (patch-client-src_rundump.c) = 4261c0cce67674a8333c4d7e48fbf8484d4d3650
-SHA1 (patch-client-src_runtar.c) = a8035529c5aaf1e42c0d212921f4f3e394516230
+SHA1 (patch-client-src_runtar.c) = 2f9cf1d58b57605dc75c049e1ffc5e20d6301cf2
 SHA1 (patch-client-src_sendbackup-dump.c) = aea1aca0bbcdab0c393b012a592cbc5ca458acec
 SHA1 (patch-client-src_sendsize.c) = 32a1627c250b6413e4695a610bba59796c6e7ed6
 SHA1 (patch-common-src_Makefile.am) = 0dd6cbd5707e08d3d0eb219e4a1bb002f8053e82

Index: pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c
diff -u pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c:1.1 pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c:1.2
--- pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c:1.1 Fri Oct 17 07:55:17 2025
+++ pkgsrc/sysutils/amanda-common/patches/patch-client-src_runtar.c     Tue Jan 13 21:01:59 2026
@@ -1,19 +1,193 @@
-$NetBSD: patch-client-src_runtar.c,v 1.1 2025/10/17 07:55:17 kikadf Exp $
+$NetBSD: patch-client-src_runtar.c,v 1.2 2026/01/13 21:01:59 mlelstv Exp $
 
 * Fix CVE-2022-37705,
-  https://github.com/zmanda/amanda/commit/497410c7555376795f324e5bd2cbed7742219099
+  Backported runtar.c version from amanda-3.5.4.
 
---- client-src/runtar.c.orig   2025-10-17 07:41:49.922060195 +0000
+--- client-src/runtar.c.orig    2025-10-17 07:41:49.922060195 +0000
 +++ client-src/runtar.c
-@@ -183,9 +183,9 @@ main(
+@@ -1,7 +1,8 @@
+ /*
+  * Amanda, The Advanced Maryland Automatic Network Disk Archiver
+  * Copyright (c) 1991-1998 University of Maryland at College Park
+- * Copyright (c) 2007-2013 Zmanda, Inc.  All Rights Reserved.
++ * Copyright (c) 2007-2012 Zmanda, Inc.  All Rights Reserved.
++ * Copyright (c) 2013-2016 Carbonite, Inc.  All Rights Reserved.
+  * All Rights Reserved.
+  *
+  * Permission to use, copy, modify, distribute, and sell this software and its
+@@ -35,10 +36,12 @@
+  * ...
+  */
+ #include "amanda.h"
+ #include "util.h"
+ #include "conffile.h"
+ #include "client_util.h"
+ 
++static const char *whitelisted_args[] = {"--blocking-factor", "--file", "--directory", "--exclude", "--transform", "--listed-incremental", "--newer", "--exclude-from", "--files-from", NULL};
++
+ int main(int argc, char **argv);
+ 
+ int
+@@ -48,14 +51,21 @@ main(
+ {
+ #ifdef GNUTAR
+     int i;
++    char **j;
+     char *e;
+     char *dbf;
+     char *cmdline;
++    GPtrArray *array = g_ptr_array_new();
++    gchar **strings;
++    char **new_argv;
++    char **env;
+     char *my_realpath = NULL;
+ #endif
+     int good_option;
+ 
+-    if (argc > 1 && argv && argv[1] && g_str_equal(argv[1], "--version")) {
++    glib_init();
++
++    if (argc > 1 && argv[1] && g_str_equal(argv[1], "--version")) {
+       printf("runtar-%s\n", VERSION);
+       return (0);
+     }
+@@ -65,7 +75,7 @@ main(
+      *   1) Only set the message locale for now.
+      *   2) Set textdomain for all amanda related programs to "amanda"
+      *      We don't want to be forced to support dozens of message catalogs.
+-     */  
++     */
+     setlocale(LC_MESSAGES, "C");
+     textdomain("amanda"); 
+ 
+@@ -78,7 +88,11 @@ main(
+     signal(SIGPIPE, SIG_IGN);
+ 
+     dbopen(DBG_SUBDIR_CLIENT);
++#if 0 /* not in amanda-common-3.3.9 */
++    config_init(CONFIG_INIT_CLIENT|CONFIG_INIT_GLOBAL, NULL);
++#else
+     config_init(CONFIG_INIT_CLIENT, NULL);
++#endif
+ 
+     if (argc < 3) {
+       error(_("Need at least 3 arguments\n"));
+@@ -87,7 +101,7 @@ main(
+ 
+     dbprintf(_("version %s\n"), VERSION);
+ 
+-    if (strcmp(argv[3], "--create") != 0) {
++    if (!g_str_equal(argv[3], "--create")) {
+       error(_("Can only be used to create tar archives\n"));
+       /*NOTREACHED*/
+     }
+@@ -138,21 +152,21 @@ main(
+     argv++;
+ 
+     dbprintf(_("config: %s\n"), argv[0]);
+-    if (strcmp(argv[0], "NOCONFIG") != 0)
++    if (!g_str_equal(argv[0], "NOCONFIG"))
+       dbrename(argv[0], DBG_SUBDIR_CLIENT);
+     argc--;
+     argv++;
+ 
++    new_argv = g_new0(char *, argc+1);
++
+     if (!check_exec_for_suid("GNUTAR_PATH", GNUTAR, stderr, &my_realpath)) {
+       dbclose();
+       exit(1);
+     }
+-
+-    cmdline = stralloc(my_realpath);
++    new_argv[0] = g_strdup_printf("%s", argv[0]);
++    g_ptr_array_add(array, g_strdup(my_realpath));
+     good_option = 0;
+     for (i = 1; argv[i]; i++) {
+-      char *quoted;
+-
+       if (good_option <= 0) {
+           if (g_str_has_prefix(argv[i],"--rsh-command") ||
+               g_str_has_prefix(argv[i],"--to-command") ||
+@@ -171,7 +185,8 @@ main(
+               g_str_has_prefix(argv[i],"--atime-preserve") ||
+               g_str_has_prefix(argv[i],"--sparse") ||
+               g_str_has_prefix(argv[i],"--ignore-failed-read") ||
+-              g_str_has_prefix(argv[i],"--numeric-owner")) {
++              g_str_has_prefix(argv[i],"--numeric-owner") ||
++              g_str_has_prefix(argv[i],"--verbose")) {
+               /* Accept theses options */
+               good_option++;
+           } else if (g_str_has_prefix(argv[i],"--blocking-factor") ||
+@@ -183,8 +198,23 @@ main(
                g_str_has_prefix(argv[i],"--newer") ||
                g_str_has_prefix(argv[i],"--exclude-from") ||
                g_str_has_prefix(argv[i],"--files-from")) {
 -              /* Accept theses options with the following argument */
 -              good_option += 2;
-+              good_option++;
++              if (strchr(argv[i], '=')) {
++                  good_option++;
++              } else {
++                  /* Accept theses options with the following argument */
++                  good_option += 2;
++
++            /* Whitelisting only the allowed arguments*/
++            for(j=whitelisted_args; *j; j++) {
++                if (strcmp(argv[i], *j) == 0) {
++                    break;
++                }
++            }
++
++            if (!*j) {
++                good_option = 0; // not allowing arguments absent in the whitelist
++            }
++              }
            } else if (argv[i][0] != '-') {
-+              /* argument values are accounted for here */
                good_option++;
            }
+@@ -192,22 +222,32 @@ main(
+       if (good_option <= 0) {
+           error("error [%s invalid option: %s]", get_pname(), argv[i]);
        }
++        g_ptr_array_add(array, quote_string(argv[i]));
++      new_argv[i] = g_strdup_printf("%s", argv[i]);
+       good_option--;
+-
+-      quoted = quote_string(argv[i]);
+-      cmdline = vstrextend(&cmdline, " ", quoted, NULL);
+-      amfree(quoted);
+     }
++
++    g_ptr_array_add(array, NULL);
++    strings = (gchar **)g_ptr_array_free(array, FALSE);
++
++    cmdline = g_strjoinv(" ", strings);
++    g_strfreev(strings);
++
+     dbprintf(_("running: %s\n"), cmdline);
+     amfree(cmdline);
+ 
+     dbf = dbfn();
+     if (dbf) {
+-      dbf = stralloc(dbf);
++      dbf = g_strdup(dbf);
+     }
+     dbclose();
+ 
+-    execve(my_realpath, argv, safe_env());
++    env = safe_env();
++    execve(my_realpath, new_argv, env);
++#if 0 /* not in amanda-common-3.3.9 */
++    free_env(env);
++    free_env(new_argv);
++#endif
+ 
+     e = strerror(errno);
+     dbreopen(dbf, "more");
+@@ -216,6 +256,7 @@ main(
+     dbclose();
+ 
+     g_fprintf(stderr, _("runtar: could not exec %s: %s\n"), my_realpath, e);
++    g_free(my_realpath);
+     return 1;
+ #endif
+ }
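Review bot: The exact-match whitelist loop `for(j=whitelisted_args; *j; j++)` is only reached in the branch where the option carries no `=`, so an option spelled `--name=value` is accepted on the `g_str_has_prefix` test alone and any string that merely starts with a listed name (for example `--file-anything=x`) takes the `strchr(argv[i], '=')` branch with `good_option++` and is passed through to tar. GNU tar will presumably reject such spellings itself, so the practical exposure looks limited, but the two branches now disagree on what "whitelisted" means, and the inserted block is indented differently from the surrounding 12-space body. Comparing the option name up to the `=` against the whitelist once, before deciding how many arguments it consumes, puts both spellings through the same check. Separately, `new_argv[i] = g_strdup_printf("%s", argv[i])` (and the same for `new_argv[0]`) can simply be `g_strdup(argv[i])`, as the patch already does for `my_realpath`. The patch's inner hunks show only parts of `main()`, so the surrounding option-loop context is partly outside view.

```c
            } else if (g_str_has_prefix(argv[i],"--blocking-factor") ||
                       /* … unchanged: remaining prefix tests … */
                       g_str_has_prefix(argv[i],"--files-from")) {
                /* Compare the option name (up to any '=') exactly against
                 * the whitelist, whichever spelling the caller used. */
                size_t namelen = strcspn(argv[i], "=");
                for (j = whitelisted_args; *j; j++) {
                    if (strlen(*j) == namelen &&
                        strncmp(argv[i], *j, namelen) == 0) {
                        break;
                    }
                }
                if (!*j) {
                    good_option = 0;     /* option name not in the whitelist */
                } else if (argv[i][namelen] == '=') {
                    good_option++;       /* value attached with '=' */
                } else {
                    good_option += 2;    /* value is the following argument */
                }
            }
```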


