I've prepared an update for widelands in squeeze in response to http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=624316
The security fix 1:15-3squeeze1 for bug #617960 introduced this extra bug, so this fix should really have been part of that upload, and someone also mentioned it in the bugreport, but I missed that email. I'm attaching the debdiff, cheers. diff -Nru widelands-15/debian/changelog widelands-15/debian/changelog --- widelands-15/debian/changelog 2011-04-19 14:35:17.000000000 +0200 +++ widelands-15/debian/changelog 2011-08-17 21:14:53.000000000 +0200 @@ -1,3 +1,10 @@ +widelands (1:15-3squeeze2) stable; urgency=low + + * Fix network play on official maps (bug introduced by patches/secfix-617960) + Added: patches/secfix-617960-aux (Closes: #624316) + + -- Enrico Tassi <[email protected]> Wed, 17 Aug 2011 21:12:34 +0200 + widelands (1:15-3squeeze1) stable; urgency=high * Closes a potential security issue in internet games. diff -Nru widelands-15/debian/patches/secfix-617960-aux widelands-15/debian/patches/secfix-617960-aux --- widelands-15/debian/patches/secfix-617960-aux 1970-01-01 01:00:00.000000000 +0100 +++ widelands-15/debian/patches/secfix-617960-aux 2011-08-17 21:11:22.000000000 +0200 
@@ -0,0 +1,52 @@ +Index: widelands-15/src/io/filesystem/filesystem.cc +=================================================================== +--- widelands-15.orig/src/io/filesystem/filesystem.cc 2011-08-17 21:10:55.000000000 +0200 ++++ widelands-15/src/io/filesystem/filesystem.cc 2011-08-17 21:11:15.000000000 +0200 +@@ -100,25 +100,32 @@ + * on locale OS. + */ + std::string FileSystem::fixCrossFile(std::string path) { +-#ifdef WIN32 +- // We simply keep it as it is and do not care about slashes - they will +- // be replaced with backslashes in file read actions. +- return path; +-#else +- std::string fixedpath(path); +- std::string temp; + uint32_t path_size = path.size(); ++ std::string fixedPath(path); ++ std::string temp; + for (uint32_t i = 0; i < path_size; ++i) { +- temp = fixedpath.at(i); ++ temp = path.at(i); ++#ifdef WIN32 ++ if (temp == "/") ++#else + if (temp == "\\") +- fixedpath.at(i) = m_filesep; +- // As a security measure, eat all dots and tildes away when file is +- // tranferred over network. +- if (temp == "." || temp == "~") +- fixedpath.at(i) = '-'; +- } +- return fixedpath; + #endif ++ fixedPath.at(i) = m_filesep; ++ // As a security measure, eat all: ++ // * tildes ++ // * double dots ++ // * dots with following slash/backslash (but not a single dot - we need it in e.g. "xyz.wmf") ++ // away to avoid misuse of the file transfer function. ++ if (temp == "~") ++ fixedPath.at(i) = '_'; ++ if (temp == "." && (i + 1 < path_size)) { ++ std::string temp2; ++ temp2 = path.at(i + 1); ++ if (temp2 == "." || temp2 == "\\" || temp2 == "/") ++ fixedPath.at(i) = '_'; ++ } ++ } ++ return fixedPath; + } + + /** diff -Nru widelands-15/debian/patches/series widelands-15/debian/patches/series --- widelands-15/debian/patches/series 2011-04-19 12:35:23.000000000 +0200 +++ widelands-15/debian/patches/series 2011-08-17 21:10:44.000000000 +0200 
@@ -1,2 +1,3 @@ s390 secfix-617960 +secfix-617960-aux
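Review bot: The new 1:15-3squeeze2 entry in debian/changelog mentions only the network-play fix, but secfix-617960-aux also changes what the path filter from 1:15-3squeeze1 rewrites: single dots are now kept, and tildes become '_' instead of '-'. Say so in the entry (for example "Relax the path filter from secfix-617960 so single dots in file names are kept") so that whoever reviews the stable update can see that a security measure was narrowed, not just that a regression was fixed.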
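Review bot: In the rewritten loop of FileSystem::fixCrossFile, the filter only rewrites '~' and dots that are followed by '.', '/' or '\\', so a path that begins with a separator is returned unchanged, and nothing in this hunk shows the result being anchored to a base directory. Either reject such paths here or add a comment naming the caller that does the anchoring. A check on whole path components (reject any component equal to "." or "..") would also be easier to reason about than rewriting single characters. Two smaller points: temp and temp2 can be plain char values compared against character literals instead of one-character std::string objects, and the added patch file starts directly at "Index:" with no description or bug reference header.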

