Fix remote buffer overflow vulnerability.

References: SPSadvisory#38 http://shadowpenguin.backsection.net/advisories/advisory038.html (Japanese only) http://shadowpenguin.backsection.net/advisories/index.html (English abstract included) Max, should we use "canna" UID for sandbox'ing?
svn path=/head/; revision=30005
2024-11-27 00:57:50 +00:00 · 2000-06-30 01:47:44 +00:00 · 2000-06-30 01:47:44 +00:00 · 6366da8219 · 2021-03-31 03:12:20 +00:00
commit 6366da8219
parent a573eb43bc
3 changed files with 66 additions and 0 deletions
--- a/japanese/Canna/files/patch-af
+++ b/japanese/Canna/files/patch-af
@ -0,0 +1,22 @@
+--- server/misc.c~	Fri Jul 29 12:03:54 1994
+++ server/misc.c	Fri Jun 30 10:16:39 2000
+@@ -788,12 +788,19 @@
+ 
+     if (client->username && client->username[0]) {
+       if (client->groupname && client->groupname[0]) {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDGROUP) + strlen(client->groupname) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDGROUP, client->groupname,
+ 		DDPATH);
+       }
+       else {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDPATH);
--- a/japanese/canna-lib/files/patch-af
+++ b/japanese/canna-lib/files/patch-af
@ -0,0 +1,22 @@
+--- server/misc.c~	Fri Jul 29 12:03:54 1994
+++ server/misc.c	Fri Jun 30 10:16:39 2000
+@@ -788,12 +788,19 @@
+ 
+     if (client->username && client->username[0]) {
+       if (client->groupname && client->groupname[0]) {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDGROUP) + strlen(client->groupname) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDGROUP, client->groupname,
+ 		DDPATH);
+       }
+       else {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDPATH);
--- a/japanese/canna-server/files/patch-af
+++ b/japanese/canna-server/files/patch-af
@ -0,0 +1,22 @@
+--- server/misc.c~	Fri Jul 29 12:03:54 1994
+++ server/misc.c	Fri Jun 30 10:16:39 2000
+@@ -788,12 +788,19 @@
+ 
+     if (client->username && client->username[0]) {
+       if (client->groupname && client->groupname[0]) {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDGROUP) + strlen(client->groupname) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDGROUP, client->groupname,
+ 		DDPATH);
+       }
+       else {
+	if (strlen(DDUSER) + strlen(client->username) +
+	    strlen(DDPATH) >= 256)
+	  return ( -1 );
+ 	sprintf(dichome, "%s/%s:%s",
+ 		DDUSER, client->username,
+ 		DDPATH);