aboutsummaryrefslogtreecommitdiff
path: root/security/krb5-appl
diff options
context:
space:
mode:
authorCy Schubert <cy@FreeBSD.org>2004-06-04 16:37:32 +0000
committerCy Schubert <cy@FreeBSD.org>2004-06-04 16:37:32 +0000
commit632f3977c2c887a42585fc0d9e3d606f0fb50517 (patch)
treeb4364fdd710968a37cb9c8cef4123be5c6af8431 /security/krb5-appl
parentb63a3d3d2c4bcca6e018f9d810f339aa5132d1ed (diff)
downloadports-632f3977c2c887a42585fc0d9e3d606f0fb50517.tar.gz
ports-632f3977c2c887a42585fc0d9e3d606f0fb50517.zip
Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun.
Obtained from: Tom Yu <tlyu@mit.edu> on BUGTRAQ
Notes
Notes: svn path=/head/; revision=110832
Diffstat (limited to 'security/krb5-appl')
-rw-r--r--security/krb5-appl/Makefile4
-rw-r--r--security/krb5-appl/files/patch-lib::krb5::os::an_to_ln.c24
2 files changed, 15 insertions, 13 deletions
diff --git a/security/krb5-appl/Makefile b/security/krb5-appl/Makefile
index a98fbd4d6da6..1a755930edd8 100644
--- a/security/krb5-appl/Makefile
+++ b/security/krb5-appl/Makefile
@@ -7,7 +7,7 @@
PORTNAME= krb5
PORTVERSION= 1.3.3
-PORTREVISION= 1
+PORTREVISION= 2
CATEGORIES= security
# USE_TARBALL tells the port that the user has fetched the source
# directly from MIT or crypto-publish.org (CRYTPO-PUBLISH).
@@ -16,7 +16,7 @@ USE_KRB5_TARBALL?= MIT
.if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "CRYPTO-PUBLISH"
# XXX crypto-publish.org still distributes krb5-1.3.1
PORTVERSION= 1.3.1
-PORTREVISION= 4
+PORTREVISION= 5
# XXX ---
MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/
EXTRACT_SUFX= .tar.gz
diff --git a/security/krb5-appl/files/patch-lib::krb5::os::an_to_ln.c b/security/krb5-appl/files/patch-lib::krb5::os::an_to_ln.c
index 6f29aa668e48..20b39752093f 100644
--- a/security/krb5-appl/files/patch-lib::krb5::os::an_to_ln.c
+++ b/security/krb5-appl/files/patch-lib::krb5::os::an_to_ln.c
@@ -1,5 +1,5 @@
--- lib/krb5/os/an_to_ln.c.orig Tue Sep 3 12:29:34 2002
-+++ lib/krb5/os/an_to_ln.c Wed Jun 2 11:17:19 2004
++++ lib/krb5/os/an_to_ln.c Fri Jun 4 09:19:24 2004
@@ -270,9 +270,14 @@
* If no regcomp() then just return the input string verbatim in the output
* string.
@@ -40,7 +40,7 @@
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
matched = 0;
}
-@@ -322,17 +332,21 @@
+@@ -322,17 +332,22 @@
sdispl = (size_t) (loc1 - cp);
edispl = (size_t) (loc2 - cp);
if (sdispl) {
@@ -52,9 +52,11 @@
strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out));
op += strlen(repl);
cp += edispl;
- if (!doall)
+- if (!doall)
++ if (!doall) {
+ use_bytes(strlen(cp));
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
++ }
matched = 1;
}
else {
@@ -62,7 +64,7 @@
strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out));
matched = 0;
}
-@@ -340,7 +354,15 @@
+@@ -340,7 +355,15 @@
#else /* HAVE_REGEXP_H */
memcpy(out, in, MAX_FORMAT_BUFFER);
#endif /* HAVE_REGCOMP */
@@ -78,7 +80,7 @@
/*
* aname_replacer() - Perform the specified substitutions on the input
-@@ -412,7 +434,12 @@
+@@ -412,7 +435,12 @@
/* Do the replacemenbt */
memset(out, '\0', MAX_FORMAT_BUFFER);
@@ -92,7 +94,7 @@
free(rule);
free(repl);
-@@ -459,6 +486,7 @@
+@@ -459,6 +487,7 @@
char *fprincname;
char *selstring = 0;
int num_comps, compind;
@@ -100,7 +102,7 @@
char *cout;
krb5_data *datap;
char *outstring;
-@@ -479,6 +507,7 @@
+@@ -479,6 +508,7 @@
*/
current = strchr(current, ':');
selstring = (char *) malloc(MAX_FORMAT_BUFFER);
@@ -108,7 +110,7 @@
if (current && selstring) {
current++;
cout = selstring;
-@@ -497,6 +526,14 @@
+@@ -497,6 +527,14 @@
aname,
compind-1))
) {
@@ -123,7 +125,7 @@
strncpy(cout,
datap->data,
(unsigned) datap->length);
-@@ -527,7 +564,7 @@
+@@ -527,7 +565,7 @@
else
kret = KRB5_CONFIG_BADFORMAT;
@@ -132,7 +134,7 @@
free(selstring);
}
}
-@@ -643,7 +680,7 @@
+@@ -643,7 +681,7 @@
const char *hierarchy[5];
char **mapping_values;
int i, nvalid;
@@ -141,7 +143,7 @@
char *typep, *argp;
unsigned int lnsize;
-@@ -677,11 +714,14 @@
+@@ -677,11 +715,14 @@
/* Just use the last one. */
/* Trim the value. */