From 520dab34ad9993eb440e1580033800550102f3fe Mon Sep 17 00:00:00 2001
From: Juergen Daubert <jue@jue.li>
Date: Thu, 16 Oct 2014 17:59:40 +0200
Subject: [PATCH] sysklogd: update to 1.5.1

---
 sysklogd/.md5sum                         |  3 +-
 sysklogd/Pkgfile                         | 15 ++--
 sysklogd/sysklogd-1.5_CVE-2014-3634.diff | 91 ------------------------
 3 files changed, 5 insertions(+), 104 deletions(-)
 delete mode 100644 sysklogd/sysklogd-1.5_CVE-2014-3634.diff

diff --git a/sysklogd/.md5sum b/sysklogd/.md5sum
index b0bf5206..f7742c82 100644
--- a/sysklogd/.md5sum
+++ b/sysklogd/.md5sum
@@ -1,6 +1,5 @@
 41dfad9077311e159c793216adf90723  rotatelog
 a1bb71ed6b0ce791cb7f9fa0089a09ef  sysklogd
-e053094e8103165f98ddafe828f6ae4b  sysklogd-1.5.tar.gz
-b87e652115b7b2d0cd1615a2323fcfbe  sysklogd-1.5_CVE-2014-3634.diff
+c70599ab0d037fde724f7210c2c8d7f8  sysklogd-1.5.1.tar.gz
 844e5e75944beb8cf4f39a0535e56ba4  syslog
 f8d478b8d60c1d3879f4a10a955db6e5  syslog.conf
diff --git a/sysklogd/Pkgfile b/sysklogd/Pkgfile
index 379b8caa..6b1f8c88 100644
--- a/sysklogd/Pkgfile
+++ b/sysklogd/Pkgfile
@@ -3,21 +3,14 @@
 # Maintainer:  CRUX System Team, core-ports at crux dot nu
 
 name=sysklogd
-version=1.5
-release=6
-source=(http://www.ibiblio.org/pub/Linux/system/daemons/$name-$version.tar.gz \
-        rotatelog syslog syslog.conf sysklogd
-        $name-${version}_CVE-2014-3634.diff)
+version=1.5.1
+release=1
+source=(http://www.infodrom.org/projects/$name/download/$name-$version.tar.gz \
+        rotatelog syslog syslog.conf sysklogd)
 
 build() {
     cd $name-$version
 
-    # http://seclists.org/oss-sec/2014/q4/79
-    patch -p1 -i $SRC/$name-${version}_CVE-2014-3634.diff
-
-    # don't try to fclose(NULL)
-    sed -i -e '192d' ksym_mod.c
-
     mkdir -p $PKG/usr/sbin \
              $PKG/etc/{cron/weekly,rc.d} \
              $PKG/var/log \
diff --git a/sysklogd/sysklogd-1.5_CVE-2014-3634.diff b/sysklogd/sysklogd-1.5_CVE-2014-3634.diff
deleted file mode 100644
index bc64756f..00000000
--- a/sysklogd/sysklogd-1.5_CVE-2014-3634.diff
+++ /dev/null
@@ -1,91 +0,0 @@
-From 43797330e75d7d4687b7ae6926a996c3c85c2679 Mon Sep 17 00:00:00 2001
-From: mancha <mancha1 AT zoho DOT com>
-Date: Wed, 1 Oct 2014
-Subject: CVE-2014-3634
-
-Rainer Gerhards, rsyslog project leader, discovered an issue in rsyslogd
-where invalid priority values can trigger DoS and potentially RCE.
-
-As his analysis reveals, the cause of the problem identified in rsyslog's
-rsyslogd also exists in sysklogd's syslogd (from which rsyslogd was forked)
-and stems from the use of a (LOG_FACMASK|LOG_PRIMASK) mask to detect invalid
-priority values.
-
-In sysklogd's syslogd, invalid priority values between 192 and 1023 (directly
-or arrived at via overflow wraparound) can propagate through code causing
-out-of-bounds access to the f_pmask array within the 'filed' structure by up
-to 104 bytes past its end. Though most likely insufficient to reach
-unallocated memory because there are around 544 bytes past f_pmask in 'filed'
-(mod packing and other differences), incorrect access of fields at higher
-positions of the 'filed' structure definition can cause unexpected behavior
-including message mis-classification, forwarding issues, message loss,
-or other.
-
-This patch imposes a restriction on PRI message parts and requires they
-be properly-delimited priority value strings that have non-negative
-numerical values not exceeding 191. As before, sysklogd's syslogd permits
-zero padding to not break compatibility with RFC-non-compliant loggers that
-issue PRIs such as <0091>. Messages without well-formed PRI parts get
-logged with priority user.notice (13). (c.f. RFC 3164)
-
-Thanks to Rainer Gerhards for the initial report and analysis.
-
-[1] http://www.rsyslog.com/remote-syslog-pri-vulnerability/
-[2] http://www.rsyslog.com/remote-syslog-pri-vulnerability-cve-2014-3683/
-
----
- syslogd.c |   25 +++++++++++++++++++------
- 1 file changed, 19 insertions(+), 6 deletions(-)
-
---- a/syslogd.c
-+++ b/syslogd.c
-@@ -632,6 +632,8 @@ int funix[MAXFUNIX] = { -1, };
- #define TABLE_ALLPRI    0xFF    /* Value to indicate all priorities in f_pmask */
- #define	LOG_MARK	LOG_MAKEPRI(LOG_NFACILITIES, 0)	/* mark "facility" */
- 
-+#define MAX_PRI		191	/* Maximum Priority per RFC 3164 */
-+
- /*
-  * Flags to logmsg().
-  */
-@@ -1491,23 +1493,34 @@ void printline(hname, msg)
- 	register char *p, *q;
- 	register unsigned char c;
- 	char line[MAXLINE + 1];
--	int pri;
-+	unsigned int pri;       	// Valid Priority values are 0-191
-+	int prilen=0;			// Track Priority value string len
-+	int msglen;
- 
- 	/* test for special codes */
-+	msglen=strlen(msg);
- 	pri = DEFUPRI;
- 	p = msg;
- 
- 	if (*p == '<') {
- 		pri = 0;
--		while (isdigit(*++p))
--		{
--		   pri = 10 * pri + (*p - '0');
-+		while (--msglen > 0 && isdigit((unsigned char)*++p) &&
-+		      			pri <= MAX_PRI) {
-+			pri = 10 * pri + (*p - '0');
-+			prilen++;
- 		}
--		if (*p == '>')
-+		if (*p == '>' && prilen)
- 			++p;
-+		else {
-+			pri = DEFUPRI;
-+			p = msg;
-+		}
- 	}
--	if (pri &~ (LOG_FACMASK|LOG_PRIMASK))
-+
-+	if ((pri &~ (LOG_FACMASK|LOG_PRIMASK)) || (pri > MAX_PRI)) {
- 		pri = DEFUPRI;
-+		p = msg;
-+	}
- 
- 	memset (line, 0, sizeof(line));
- 	q = line;