openbsd-ports/games/wesnoth/patches/patch-src_server_simple_wml_cpp

$OpenBSD: patch-src_server_simple_wml_cpp,v 1.1 2009/03/18 11:42:16 jasper Exp $

Security fix for CVE-2009-0366, fixes DoS.
Patch from upstream svn -r33069.

--- src/server/simple_wml.cpp.orig	Sun Mar 15 17:36:44 2009
+++ src/server/simple_wml.cpp	Sun Mar 15 17:37:23 2009
@@ -27,6 +27,10 @@ char* uncompress_buffer(const string_span& input, stri
 	int len = 0;
 	int pos = 0;
 	while(filter.good() && (len = filter.read(&buf[pos], chunk_size).gcount()) == chunk_size) {
+		if(pos + chunk_size > 40000000) {
+			throw error("WML document exceeds 40MB limit");
+		}
+
 		pos += len;
 		buf.resize(pos + chunk_size);
 		len = 0;