- Security: fix denial of service in sch_generic_wget, from upstream svn.

net/nepenthes/Makefile

@@ -1,10 +1,10 @@
-# $OpenBSD: Makefile,v 1.21 2009/03/16 21:29:34 sthen Exp $
+# $OpenBSD: Makefile,v 1.22 2009/07/24 22:50:10 rui Exp $
 SHARED_ONLY=	Yes
 
 COMMENT=	determine the malware activity on a network
 
 DISTNAME=	nepenthes-0.2.2 
-PKGNAME=	${DISTNAME}p0
+PKGNAME=	${DISTNAME}p1
 CATEGORIES=	net
 
 HOMEPAGE=	http://nepenthes.mwcollect.org/

net/nepenthes/patches/patch-modules_shellcode-generic_sch_generic_wget_cpp

@@ -0,0 +1,12 @@
+$OpenBSD: patch-modules_shellcode-generic_sch_generic_wget_cpp,v 1.1 2009/07/24 22:50:10 rui Exp $
+--- modules/shellcode-generic/sch_generic_wget.cpp.orig	Tue Jul 21 13:40:52 2009
++++ modules/shellcode-generic/sch_generic_wget.cpp	Tue Jul 21 13:41:26 2009
+@@ -149,7 +149,7 @@ sch_result Genericwget::handleShellcode(Message **msg)
+ 		start = i;
+ 
+ 		while (htmldec[i] != '&' &&
+-			   htmldec[i] != ';')
++			   htmldec[i] != ';' && i < htmldec.size())
+ 		{
+ 			i++;
+ 		}