Security fix: addresses remote buffer overflow referenced here:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2001-0928 from MAINTAINER
This commit is contained in:
parent
e672e84db5
commit
33c163d5dc
@ -1,11 +1,12 @@
|
|||||||
# $OpenBSD: Makefile,v 1.16 2002/12/03 22:45:33 pvalchev Exp $
|
# $OpenBSD: Makefile,v 1.17 2003/05/10 02:46:54 marcm Exp $
|
||||||
|
|
||||||
COMMENT= "portable library for obtaining system information"
|
COMMENT= "portable library for obtaining system information"
|
||||||
|
|
||||||
DISTNAME= libgtop-1.0.13
|
DISTNAME= libgtop-1.0.13
|
||||||
|
PKGNAME= ${DISTNAME}p1
|
||||||
CATEGORIES= devel
|
CATEGORIES= devel
|
||||||
|
|
||||||
HOMEPAGE= http://www.home-of-linux.org/gnome/libgtop/
|
HOMEPAGE= http://www.gnome.org/softwaremap/projects/libgtop/
|
||||||
MAINTAINER= Jim Geovedi <jim@corebsd.or.id>
|
MAINTAINER= Jim Geovedi <jim@corebsd.or.id>
|
||||||
|
|
||||||
MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libgtop/1.0/}
|
MASTER_SITES= ${MASTER_SITE_GNOME:=sources/libgtop/1.0/}
|
||||||
|
16
devel/libgtop/patches/patch-src_daemon_gnuserv_c
Normal file
16
devel/libgtop/patches/patch-src_daemon_gnuserv_c
Normal file
@ -0,0 +1,16 @@
|
|||||||
|
$OpenBSD: patch-src_daemon_gnuserv_c,v 1.1 2003/05/10 02:46:54 marcm Exp $
|
||||||
|
--- src/daemon/gnuserv.c.orig Fri May 9 17:06:45 2003
|
||||||
|
+++ src/daemon/gnuserv.c Fri May 9 17:09:13 2003
|
||||||
|
@@ -200,6 +200,12 @@ permitted (u_long host_addr, int fd)
|
||||||
|
|
||||||
|
auth_data_len = atoi (buf);
|
||||||
|
|
||||||
|
+ if (auth_data_len < 1 || auth_data_len > sizeof(buf)) {
|
||||||
|
+ syslog_message(LOG_WARNING,
|
||||||
|
+ "Invalid data length supplied by client");
|
||||||
|
+ return FALSE;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
|
||||||
|
return FALSE;
|
||||||
|
|
Loading…
Reference in New Issue
Block a user