fix buffer overflow in falconseye which may lead to privilege escalation

to gid games. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0358 ok naddy@
2003-08-28 20:38:09 +00:00 · 2003-08-28 20:38:09 +00:00 · 5436d98f22
commit 5436d98f22
parent 25f82a9f82
2 changed files with 18 additions and 2 deletions
--- a/games/falconseye/Makefile
+++ b/games/falconseye/Makefile
@ -1,10 +1,10 @@
-# $OpenBSD: Makefile,v 1.11 2003/08/04 12:38:12 espie Exp $
+# $OpenBSD: Makefile,v 1.12 2003/08/28 20:38:09 brad Exp $

 COMMENT=	"NetHack derivative"

 VERSION=	1.9.3
 DISTNAME=	nethack_source_331_jtp_${VERSION:S/.//g}
-PKGNAME=	falconseye-${VERSION}
+PKGNAME=	falconseye-${VERSION}p1
 CATEGORIES=	games x11
 EXTRACT_SUFX=	.zip

--- a/games/falconseye/patches/patch-src_topten_c
+++ b/games/falconseye/patches/patch-src_topten_c
@ -0,0 +1,16 @@
+$OpenBSD: patch-src_topten_c,v 1.1 2003/08/28 20:38:10 brad Exp $
+--- src/topten.c.orig	2003-08-27 21:11:41.000000000 -0400
+++ src/topten.c	2003-08-27 21:13:41.000000000 -0400
+@@ -855,6 +855,12 @@ char **argv;
+ 	    else {
+ 		if (playerct > 1) Strcat(pbuf, "any of ");
+ 		for (i = 0; i < playerct; i++) {
+		    /* stop printing players if there are too many to fit */
+		    if (strlen(pbuf) + strlen(players[i]) + 2 >= BUFSZ) {
+			if (strlen(pbuf) < BUFSZ-4) Strcat(pbuf, "...");
+			else Strcpy(pbuf+strlen(pbuf)-4, "...");
+			break;
+		    }
+ 		    Strcat(pbuf, players[i]);
+ 		    if (i < playerct-1) Strcat(pbuf, ":");
+ 		}