Fix buffer overflow that allows privilege escalation for local users.

Approved by: will (using his portmgr hat) Obtained from: Timo Sirainen <tss@iki.fi> on BUGTRAQ
author: Cy Schubert <cy@FreeBSD.org> 2003-12-02 23:36:47 +0000
committer: Cy Schubert <cy@FreeBSD.org> 2003-12-02 23:36:47 +0000
commit: 15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 (patch)
tree: af9a052ffa4bc463d8bdd319f33ba203d73187a1 /misc/screen/files/patch-ansi.c
parent: abec811fec226bcab816705a541516cb3ae6a189 (diff)
download: ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.tar.gz
ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.zip
1 files changed, 11 insertions, 0 deletions
diff --git a/misc/screen/files/patch-ansi.c b/misc/screen/files/patch-ansi.c
new file mode 100644
index 000000000000..dc5ba91b521a
--- /dev/null
+++ b/misc/screen/files/patch-ansi.c
@@ -0,0 +1,11 @@
+--- ansi.c.orig	Mon Sep  8 07:24:44 2003
++++ ansi.c	Mon Dec  1 17:17:17 2003
+@@ -559,7 +559,7 @@
+ 	    {
+ 	    case '0': case '1': case '2': case '3': case '4':
+ 	    case '5': case '6': case '7': case '8': case '9':
+-	      if (curr->w_NumArgs < MAXARGS)
++	      if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
+ 		{
+ 		  if (curr->w_args[curr->w_NumArgs] < 100000000)
+ 		    curr->w_args[curr->w_NumArgs] =
author	Cy Schubert <cy@FreeBSD.org>	2003-12-02 23:36:47 +0000
committer	Cy Schubert <cy@FreeBSD.org>	2003-12-02 23:36:47 +0000
commit	15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 (patch)
tree	af9a052ffa4bc463d8bdd319f33ba203d73187a1 /misc/screen/files/patch-ansi.c
parent	abec811fec226bcab816705a541516cb3ae6a189 (diff)
download	ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.tar.gz ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.zip