authorJacques Vidrine <nectar@FreeBSD.org>2003-12-17 20:34:18 +0000
committerJacques Vidrine <nectar@FreeBSD.org>2003-12-17 20:34:18 +0000
commita93fa25ead4966f91f744df371d10c462c3ee8bb (patch)
tree3a65c31824bfc5369d6e6b8e1d67519da87572c0 /security
parente0ef55bc10be62d0253557554202b565a99e24c1 (diff)
Fix a double-free which prevented `ftpd' from functioning correctly.
Notes
Notes: svn path=/head/; revision=96091
Diffstat (limited to 'security')
-rw-r--r--security/heimdal/Makefile2
-rw-r--r--security/heimdal/files/patch-ftp-gssapi.c30
2 files changed, 31 insertions, 1 deletions
diff --git a/security/heimdal/Makefile b/security/heimdal/Makefile
index 1dcc866f293b..48a28b1ec614 100644
--- a/security/heimdal/Makefile
+++ b/security/heimdal/Makefile
@@ -7,7 +7,7 @@
PORTNAME= heimdal
PORTVERSION= 0.6
-PORTREVISION= 0
+PORTREVISION= 1
CATEGORIES= security ipv6
MASTER_SITES= ftp://ftp.pdc.kth.se/pub/heimdal/src/ \
ftp://ftp.replay.com/pub/replay/crypto/APPS/kerberos/heimdal/ \
diff --git a/security/heimdal/files/patch-ftp-gssapi.c b/security/heimdal/files/patch-ftp-gssapi.c
new file mode 100644
index 000000000000..1b0b8060834a
--- /dev/null
+++ b/security/heimdal/files/patch-ftp-gssapi.c
@@ -0,0 +1,30 @@
+*** appl/ftp/ftp/gssapi.c.orig Wed Dec 17 14:12:55 2003
+--- appl/ftp/ftp/gssapi.c Wed Dec 17 14:13:52 2003
+***************
+*** 228,239 ****
+ gss_release_buffer(&min_stat, &export_name);
+ goto out;
+ }
+! name = realloc(export_name.value, export_name.length + 1);
+ if(name == NULL) {
+ reply(500, "Out of memory");
+ gss_release_buffer(&min_stat, &export_name);
+ goto out;
+ }
+ name[export_name.length] = '\0';
+ gss_release_buffer(&min_stat, &export_name);
+ d->client_name = name;
+--- 228,240 ----
+ gss_release_buffer(&min_stat, &export_name);
+ goto out;
+ }
+! name = malloc(export_name.length + 1);
+ if(name == NULL) {
+ reply(500, "Out of memory");
+ gss_release_buffer(&min_stat, &export_name);
+ goto out;
+ }
++ memcpy(name, export_name.value, export_name.length);
+ name[export_name.length] = '\0';
+ gss_release_buffer(&min_stat, &export_name);
+ d->client_name = name;
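Review bot: On the new side of the embedded patch, `name` becomes a NUL-terminated C string copied from a length-counted GSS-API buffer, so a NUL byte inside `export_name.value` would make `d->client_name` shorter than the name the mechanism actually authenticated. How `d->client_name` is consumed is outside this hunk, but if it feeds authorization or logging, the name should be rejected before the copy with `if(memchr(export_name.value, '\0', export_name.length) != NULL)`, taking the same release-and-`goto out` path as the allocation failure. A short comment above the `malloc` would also keep the double-free from being reintroduced, for example `/* copy, do not realloc: export_name.value is freed by gss_release_buffer() */`. The enclosing function starts and ends outside the hunk, so whether an earlier `d->client_name` can be overwritten here without being freed cannot be judged from these lines.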