Fixed a buffer overflow vulnerability in the NNTP server

response handling code. Approved by: nectar (mentor), maintainer VuXML: http://vuxml.freebsd.org/7f13607b-6948-11d9-8937-00065be4b5b6.html
author: Niels Heinen <niels@FreeBSD.org> 2005-02-01 09:20:40 +0000
committer: Niels Heinen <niels@FreeBSD.org> 2005-02-01 09:20:40 +0000
commit: 28840701c73f97e66da04e499313efa486737b8e (patch)
tree: 47829d86a00386542682b04b4783e70efa362095 /news
parent: f917e2d231c5104b49acf5df64fe11089e3ecfc2 (diff)
download: ports-28840701c73f97e66da04e499313efa486737b8e.tar.gz
ports-28840701c73f97e66da04e499313efa486737b8e.zip
2 files changed, 12 insertions, 0 deletions
diff --git a/news/newspost/Makefile b/news/newspost/Makefile
index 64bc822aa0c2..54875ae7a63c 100644
--- a/news/newspost/Makefile
+++ b/news/newspost/Makefile
@@ -8,6 +8,7 @@
 
 PORTNAME=	newspost
 PORTVERSION=	2.1.1
+PORTREVISION=	1
 CATEGORIES=	news
 MASTER_SITES=	http://newspost.unixcab.org/download/
 
diff --git a/news/newspost/files/patch-base::socket.c b/news/newspost/files/patch-base::socket.c
new file mode 100644
index 000000000000..d7dbf7b75d6b
--- /dev/null
+++ b/news/newspost/files/patch-base::socket.c
@@ -0,0 +1,11 @@
+--- base/socket.c.orig	Tue Jan 18 11:08:02 2005
++++ base/socket.c	Tue Jan 18 11:10:08 2005
+@@ -126,7 +126,7 @@
+ 
+ 	i = 0;
+ 	pi = buffer;
+-	while (TRUE) {
++	while (read_count < STRING_BUFSIZE - 1) {
+ 		retval = read(sockfd, pi, 1);
+ 		if(retval < 0)
+ 			ui_socket_error(errno);
author	Niels Heinen <niels@FreeBSD.org>	2005-02-01 09:20:40 +0000
committer	Niels Heinen <niels@FreeBSD.org>	2005-02-01 09:20:40 +0000
commit	28840701c73f97e66da04e499313efa486737b8e (patch)
tree	47829d86a00386542682b04b4783e70efa362095 /news
parent	f917e2d231c5104b49acf5df64fe11089e3ecfc2 (diff)
download	ports-28840701c73f97e66da04e499313efa486737b8e.tar.gz ports-28840701c73f97e66da04e499313efa486737b8e.zip