From fe8651ad6c63b0c4260bd39b0b5b1cf0edea797c Mon Sep 17 00:00:00 2001
From: Peter Pentchev <roam@ringlet.net>
Date: Tue, 10 Mar 2009 14:51:54 +0000
Subject: [PATCH] Turn on the Debian build hardening wrapper.

---
 patches/11-double-bounce.patch |  4 +-
 patches/13-hardening.patch     | 99 ++++++++++++++++++++++++++++++++++
 patches/series                 |  1 +
 rules                          |  5 ++
 4 files changed, 107 insertions(+), 2 deletions(-)
 create mode 100644 patches/13-hardening.patch

diff --git a/patches/11-double-bounce.patch b/patches/11-double-bounce.patch
index 79ea4ab..8bb4166 100644
--- a/patches/11-double-bounce.patch
+++ b/patches/11-double-bounce.patch
@@ -145,11 +145,11 @@ helper installed by the package.
 +			exit(1);
 +		} else if (WIFSIGNALED(stat)) {
 +			syslog(LOG_ERR, "%s: double-bounce deferred: child process %ld died from signal %d; child process output: %s",
-+			       it->queueid, child, WTERMSIG(stat), buf);
++			       it->queueid, (long)child, WTERMSIG(stat), buf);
 +			exit(1);
 +		} else if (!WIFEXITED(stat)) {
 +			syslog(LOG_ERR, "%s: double-bounce deferred: child process %ld got an unexpected waitpid code of %d; child process output: %s",
-+			       it->queueid, child, stat, buf);
++			       it->queueid, (long)child, stat, buf);
 +			exit(1);
 +		} else if (WEXITSTATUS(stat) != 0) {
 +			syslog(LOG_ERR, "%s: double-bounce deferred: child process %ld exited with code %d; child process output: %s",
diff --git a/patches/13-hardening.patch b/patches/13-hardening.patch
new file mode 100644
index 0000000..ed2957b
--- /dev/null
+++ b/patches/13-hardening.patch
@@ -0,0 +1,99 @@
+Appease the Debian hardening wrapper:
+- check the result of fgets()
+- loop the network writes until the whole thing is sent
+- check one more write() result
+
+--- a/conf.c
++++ b/conf.c
+@@ -106,7 +106,8 @@
+ 		return (-1);
+ 
+ 	while (!feof(v)) {
+-		fgets(line, sizeof(line), v);
++		if (fgets(line, sizeof(line), v) == NULL)
++			break;
+ 		/* We hit a comment */
+ 		if (strchr(line, '#'))
+ 			*strchr(line, '#') = 0;
+@@ -162,7 +163,8 @@
+ 		return (1);
+ 
+ 	while (!feof(a)) {
+-		fgets(line, sizeof(line), a);
++		if (fgets(line, sizeof(line), a) == NULL)
++			break;
+ 		/* We hit a comment */
+ 		if (strchr(line, '#'))
+ 			*strchr(line, '#') = 0;
+@@ -199,7 +201,8 @@
+ 	config->features = 0;
+ 
+ 	while (!feof(conf)) {
+-		fgets(line, sizeof(line), conf);
++		if (fgets(line, sizeof(line), conf) == NULL)
++			break;
+ 		/* We hit a comment */
+ 		if (strchr(line, '#'))
+ 			*strchr(line, '#') = 0;
+--- a/net.c
++++ b/net.c
+@@ -73,23 +73,39 @@
+ {
+ 	va_list va;
+ 	char cmd[4096];
+-	ssize_t len = 0;
++	size_t len, pos;
++	int s;
++	ssize_t n;
+ 
+ 	va_start(va, fmt);
+-	vsprintf(cmd, fmt, va);
++	s = vsnprintf(cmd, sizeof(cmd) - 2, fmt, va);
++	va_end(va);
++	if (s == sizeof(cmd) - 2 || s < 0)
++		errx(1, "Internal error: oversized command string");
++	/* We *know* there are at least two more bytes available */
++	strcat(cmd, "\r\n");
++	len = strlen(cmd);
+ 
+ 	if (((config->features & SECURETRANS) != 0) &&
+ 	    ((config->features & NOSSL) == 0)) {
+-		len = SSL_write(config->ssl, (const char*)cmd, strlen(cmd));
+-		SSL_write(config->ssl, "\r\n", 2);
++		while ((s = SSL_write(config->ssl, (const char*)cmd, len)) <= 0) {
++			s = SSL_get_error(config->ssl, s);
++			if (s != SSL_ERROR_WANT_READ &&
++			    s != SSL_ERROR_WANT_WRITE)
++				return (-1);
++		}
+ 	}
+ 	else {
+-		len = write(fd, cmd, strlen(cmd));
+-		write(fd, "\r\n", 2);
++		pos = 0;
++		while (pos < len) {
++			n = write(fd, cmd + pos, len - pos);
++			if (n < 0)
++				return (-1);
++			pos += n;
++		}
+ 	}
+-	va_end(va);
+ 
+-	return (len+2);
++	return (len);
+ }
+ 
+ int
+--- a/dma.c
++++ b/dma.c
+@@ -608,7 +608,8 @@
+ 			break;
+ 		if (line[0] == '\n')
+ 			break;
+-		write(bounceq.mailfd, line, strlen(line));
++		if (write(bounceq.mailfd, line, strlen(line)) != strlen(line))
++			goto fail;
+ 	}
+ 	if (fsync(bounceq.mailfd) != 0)
+ 		goto fail;
diff --git a/patches/series b/patches/series
index 564737e..2bba0a0 100644
--- a/patches/series
+++ b/patches/series
@@ -10,3 +10,4 @@
 10-liblockfile.patch
 11-double-bounce.patch
 12-man-q-argument.patch
+13-hardening.patch
diff --git a/rules b/rules
index 4f5afbd..7d0ca36 100755
--- a/rules
+++ b/rules
@@ -15,6 +15,11 @@ endif
 ifneq (,$(filter nostrip,$(DEB_BUILD_OPTIONS)))
 	export STRIPFLAG=
 endif
+ifeq (,$(filter nohardening,$(DEB_BUILD_OPTIONS)))
+export DEB_BUILD_HARDENING=1
+else
+export DEB_BUILD_HARDENING=0
+endif
 
 export CFLAGS
 
-- 
2.47.3