mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-22 20:41:26 +00:00
Add a patch for the most recent mpg123 buffer-overflow vulnerability
noted in VuXML. PR: ports/73091 Submitted by: Roman Bogorodskiy <bogorodskiy@inbox.ru> (maintainer) VuXML: http://vuxml.FreeBSD.org/20d16518-2477-11d9-814e-0001020eed82.html Approved by: clement
This commit is contained in:
parent
106857c742
commit
a302915bcf
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=120914
@ -7,7 +7,7 @@
|
||||
|
||||
PORTNAME= mpg123
|
||||
PORTVERSION= 0.59r
|
||||
PORTREVISION= 14
|
||||
PORTREVISION= 15
|
||||
CATEGORIES= audio ipv6
|
||||
MASTER_SITES= http://www.mpg123.de/mpg123/ \
|
||||
http://www-ti.informatik.uni-tuebingen.de/~hippm/mpg123/
|
||||
|
@ -1,6 +1,6 @@
|
||||
--- httpget.c.orig 2003-11-13 18:34:37.000000000 +0000
|
||||
+++ httpget.c 2003-11-13 18:35:10.000000000 +0000
|
||||
@@ -55,11 +55,10 @@ void readstring (char *string, int maxle
|
||||
--- httpget.c.orig Fri Nov 5 16:11:04 2004
|
||||
+++ httpget.c Fri Nov 5 16:43:27 2004
|
||||
@@ -55,11 +55,10 @@
|
||||
#endif
|
||||
int pos = 0;
|
||||
|
||||
@ -13,7 +13,7 @@
|
||||
break;
|
||||
}
|
||||
}
|
||||
@@ -68,6 +67,7 @@ void readstring (char *string, int maxle
|
||||
@@ -68,6 +67,7 @@
|
||||
exit(1);
|
||||
}
|
||||
}
|
||||
@ -21,3 +21,42 @@
|
||||
#if 0
|
||||
do {
|
||||
result = fgets(string, maxlen, f);
|
||||
@@ -114,6 +114,7 @@
|
||||
int getauthfromURL(char *url,char *auth)
|
||||
{
|
||||
char *pos;
|
||||
+ int len;
|
||||
|
||||
*auth = 0;
|
||||
|
||||
@@ -126,8 +127,14 @@
|
||||
if( url[i] == '/' )
|
||||
return 0;
|
||||
}
|
||||
- strncpy(auth,url,pos-url);
|
||||
- auth[pos-url] = 0;
|
||||
+
|
||||
+ if ((pos-url) > 255)
|
||||
+ len = 255;
|
||||
+ else
|
||||
+ len = pos-url;
|
||||
+
|
||||
+ strncpy(auth,url,len);
|
||||
+ auth[len] = 0;
|
||||
strcpy(url,pos+1);
|
||||
return 1;
|
||||
}
|
||||
@@ -292,11 +299,11 @@
|
||||
}
|
||||
strcat (request, sptr);
|
||||
}
|
||||
- sprintf (request + strlen(request),
|
||||
+ snprintf (request + strlen(request), linelength - strlen(request),
|
||||
" HTTP/1.0\r\nUser-Agent: %s/%s\r\n",
|
||||
prgName, prgVersion);
|
||||
if (host) {
|
||||
- sprintf(request + strlen(request),
|
||||
+ snprintf(request + strlen(request), linelength - strlen(request),
|
||||
"Host: %s:%s\r\n", host, myport);
|
||||
#if 0
|
||||
free (host);
|
||||
|
Loading…
Reference in New Issue
Block a user