Fix buffer overflow that allows privilege escalation for local users.

Approved by: will (using his portmgr hat) Obtained from: Timo Sirainen <tss@iki.fi> on BUGTRAQ
author: Cy Schubert <cy@FreeBSD.org> 2003-12-02 23:36:47 +0000
committer: Cy Schubert <cy@FreeBSD.org> 2003-12-02 23:36:47 +0000
commit: 15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 (patch)
tree: af9a052ffa4bc463d8bdd319f33ba203d73187a1 /misc/screen/files/patch-resize.c
parent: abec811fec226bcab816705a541516cb3ae6a189 (diff)
download: ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.tar.gz
ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/misc/screen/files/patch-resize.c b/misc/screen/files/patch-resize.c
new file mode 100644
index 000000000000..a2af125f12ff
--- /dev/null
+++ b/misc/screen/files/patch-resize.c
@@ -0,0 +1,20 @@
+--- resize.c.orig	Mon Sep  8 07:26:31 2003
++++ resize.c	Mon Dec  1 17:16:29 2003
+@@ -682,6 +682,17 @@
+   if (wi == 0)
+     he = hi = 0;
+ 
++  if (wi > 1000)
++    {
++      Msg(0, "Window width too large, truncated");
++      wi = 1000;
++    }
++  if (he > 1000)
++    {
++      Msg(0, "Window height too large, truncated");
++      he = 1000;
++    }
++
+   if (p->w_width == wi && p->w_height == he && p->w_histheight == hi)
+     {
+       debug("ChangeWindowSize: No change.\n");
author	Cy Schubert <cy@FreeBSD.org>	2003-12-02 23:36:47 +0000
committer	Cy Schubert <cy@FreeBSD.org>	2003-12-02 23:36:47 +0000
commit	15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 (patch)
tree	af9a052ffa4bc463d8bdd319f33ba203d73187a1 /misc/screen/files/patch-resize.c
parent	abec811fec226bcab816705a541516cb3ae6a189 (diff)
download	ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.tar.gz ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.zip