1
0
mirror of https://git.FreeBSD.org/ports.git synced 2024-12-23 04:23:08 +00:00

Fixed a buffer overflow vulnerability in the NNTP server

response handling code.

Approved by:	nectar (mentor), maintainer
VuXML:		http://vuxml.freebsd.org/7f13607b-6948-11d9-8937-00065be4b5b6.html
This commit is contained in:
Niels Heinen 2005-02-01 09:20:40 +00:00
parent f917e2d231
commit 28840701c7
Notes: svn2git 2021-03-31 03:12:20 +00:00
svn path=/head/; revision=127833
2 changed files with 12 additions and 0 deletions

View File

@ -8,6 +8,7 @@
PORTNAME= newspost
PORTVERSION= 2.1.1
PORTREVISION= 1
CATEGORIES= news
MASTER_SITES= http://newspost.unixcab.org/download/

View File

@ -0,0 +1,11 @@
--- base/socket.c.orig Tue Jan 18 11:08:02 2005
+++ base/socket.c Tue Jan 18 11:10:08 2005
@@ -126,7 +126,7 @@
i = 0;
pi = buffer;
- while (TRUE) {
+ while (read_count < STRING_BUFSIZE - 1) {
retval = read(sockfd, pi, 1);
if(retval < 0)
ui_socket_error(errno);