Reliability fix:

Buffer overflow in GNU screen allows privilege escalation for local users.
It also has some potential for attackers getting control of another user's
screen.  Transfer of approximately two gigabytes of data is required to
exploit this vulnerability.
Usually screen is installed either setgid-utmp or setuid-root but this DOES
NOT happen on OpenBSD, thus the reliability fix.

ok brad@

misc/screen/Makefile

@@ -1,10 +1,10 @@
-# $OpenBSD: Makefile,v 1.50 2003/11/22 00:56:58 espie Exp $
+# $OpenBSD: Makefile,v 1.51 2003/12/04 23:27:07 margarida Exp $
 
 COMMENT=	"multi-screen window manager"
 
 VERSION=	4.0.1
 DISTNAME=	screen-${VERSION}
-PKGNAME=	${DISTNAME}p1
+PKGNAME=	${DISTNAME}p2
 CATEGORIES=	misc
 MASTER_SITES=	ftp://ftp.uni-erlangen.de/pub/utilities/screen/
 

misc/screen/patches/patch-ansi_c

@@ -0,0 +1,12 @@
+$OpenBSD: patch-ansi_c,v 1.1 2003/12/04 23:27:07 margarida Exp $
+--- ansi.c.orig	2003-11-28 00:27:43.000000000 +0000
++++ ansi.c	2003-11-28 00:28:29.000000000 +0000
+@@ -559,7 +559,7 @@ register int len;
+ 	    {
+ 	    case '0': case '1': case '2': case '3': case '4':
+ 	    case '5': case '6': case '7': case '8': case '9':
+-	      if (curr->w_NumArgs < MAXARGS)
++	      if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
+ 		{
+ 		  if (curr->w_args[curr->w_NumArgs] < 100000000)
+ 		    curr->w_args[curr->w_NumArgs] =

misc/screen/patches/patch-resize_c

@@ -0,0 +1,22 @@
+$OpenBSD: patch-resize_c,v 1.1 2003/12/04 23:27:07 margarida Exp $
+--- resize.c.orig	2003-11-28 00:28:47.000000000 +0000
++++ resize.c	2003-11-28 00:30:19.000000000 +0000
+@@ -682,6 +682,18 @@ int wi, he, hi;
+   if (wi == 0)
+     he = hi = 0;
+ 
++  if (wi > 1000)
++    {
++      Msg(0, "Window width too large, truncated");
++      wi = 1000;
++    }
++  if (he > 1000)
++    {
++      Msg(0, "Window height too large, truncated");
++      he = 1000;
++    }
++ 
++
+   if (p->w_width == wi && p->w_height == he && p->w_histheight == hi)
+     {
+       debug("ChangeWindowSize: No change.\n");