diff options
| author | Jun Kuriyama <kuriyama@FreeBSD.org> | 2000-06-30 01:47:44 +0000 |
|---|---|---|
| committer | Jun Kuriyama <kuriyama@FreeBSD.org> | 2000-06-30 01:47:44 +0000 |
| commit | 6366da82198eed4f47579c432319bdba58266e77 (patch) | |
| tree | 4a2be40ec5fb0882d5844e1ec86c02dafb66e1a4 /japanese/Canna | |
| parent | a573eb43bce6fd443a3c38547aa89c9685ff25c3 (diff) | |
| download | ports-6366da82198eed4f47579c432319bdba58266e77.tar.gz ports-6366da82198eed4f47579c432319bdba58266e77.zip | |
Fix remote buffer overflow vulnerability.
References: SPSadvisory#38
http://shadowpenguin.backsection.net/advisories/advisory038.html
(Japanese only)
http://shadowpenguin.backsection.net/advisories/index.html
(English abstract included)
Max, should we use "canna" UID for sandbox'ing?
Notes
Notes:
svn path=/head/; revision=30005
Diffstat (limited to 'japanese/Canna')
| -rw-r--r-- | japanese/Canna/files/patch-af | 22 |
1 files changed, 22 insertions, 0 deletions
diff --git a/japanese/Canna/files/patch-af b/japanese/Canna/files/patch-af new file mode 100644 index 000000000000..656d80769276 --- /dev/null +++ b/japanese/Canna/files/patch-af @@ -0,0 +1,22 @@ +--- server/misc.c~ Fri Jul 29 12:03:54 1994 ++++ server/misc.c Fri Jun 30 10:16:39 2000 +@@ -788,12 +788,19 @@ + + if (client->username && client->username[0]) { + if (client->groupname && client->groupname[0]) { ++ if (strlen(DDUSER) + strlen(client->username) + ++ strlen(DDGROUP) + strlen(client->groupname) + ++ strlen(DDPATH) >= 256) ++ return ( -1 ); + sprintf(dichome, "%s/%s:%s/%s:%s", + DDUSER, client->username, + DDGROUP, client->groupname, + DDPATH); + } + else { ++ if (strlen(DDUSER) + strlen(client->username) + ++ strlen(DDPATH) >= 256) ++ return ( -1 ); + sprintf(dichome, "%s/%s:%s", + DDUSER, client->username, + DDPATH); |