SECURITY: Fix remote buffer overflow in !m17n flavors and bump package

revision accordingly. Problem reported on w3m-dev-en list.
2001-06-22 01:15:40 +00:00 · 2001-06-22 01:15:40 +00:00 · 3dea5200dc
commit 3dea5200dc
parent 401d785954
2 changed files with 16 additions and 1 deletions
--- a/www/w3m/Makefile
+++ b/www/w3m/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.18 2001/05/05 22:41:28 naddy Exp $
+# $OpenBSD: Makefile,v 1.19 2001/06/22 01:15:40 naddy Exp $

 ONLY_FOR_ARCHS=	i386 sparc m68k

@ -11,6 +11,7 @@ V_AITO=		0.2.1
 V_HSAKA=	0.19

 DISTNAME=	w3m-${V_AITO}
+PKGNAME=	${DISTNAME}p1
 CATEGORIES=	www
 NEED_VERSION=	1.364
 HOMEPAGE=	http://ei5nazha.yz.yamagata-u.ac.jp/~aito/w3m/eng/
@ -50,6 +51,8 @@ PATCHFILES=		${M17NPATCH}
 PATCH_DIST_STRIP=	-p1
 CONFIGURE_ARGS+=	-suffix="" -charset=UTF-8
 DOCS+=			README.m17n
+.else
+PATCH_LIST=		patch-* no_m17n-*
 .endif

 .if ${FLAVOR:L:Mkanji}
--- a/www/w3m/patches/no_m17n-mimehead_c
+++ b/www/w3m/patches/no_m17n-mimehead_c
@ -0,0 +1,12 @@
+$OpenBSD: no_m17n-mimehead_c,v 1.1 2001/06/22 01:15:40 naddy Exp $
+--- mimehead.c.orig	Fri Jun 22 02:51:21 2001
+++ mimehead.c	Fri Jun 22 02:51:45 2001
+@@ -174,7 +174,7 @@ decodeWord(char **ow)
+     if (*w != '=' || *(w + 1) != '?')
+ 	goto convert_fail;
+     w += 2;
+-    for (p = charset; *w != '?'; w++) {
+    for (p = charset; p - charset < 31 && *w != '?'; w++) {
+ 	if (*w == '\0')
+ 	    goto convert_fail;
+ 	*(p++) = *w;