aboutsummaryrefslogtreecommitdiff
path: root/sysutils/screen/files/patch-ansi.c
diff options
context:
space:
mode:
authorCy Schubert <cy@FreeBSD.org>2003-12-02 23:36:47 +0000
committerCy Schubert <cy@FreeBSD.org>2003-12-02 23:36:47 +0000
commit15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 (patch)
treeaf9a052ffa4bc463d8bdd319f33ba203d73187a1 /sysutils/screen/files/patch-ansi.c
parentabec811fec226bcab816705a541516cb3ae6a189 (diff)
downloadports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.tar.gz
ports-15d50ff35c5fc6139209ec6d11d8d8e2b1519a45.zip
Fix buffer overflow that allows privilege escalation for local users.
Approved by: will (using his portmgr hat) Obtained from: Timo Sirainen <tss@iki.fi> on BUGTRAQ
Notes
Notes: svn path=/head/; revision=94846
Diffstat (limited to 'sysutils/screen/files/patch-ansi.c')
-rw-r--r--sysutils/screen/files/patch-ansi.c11
1 files changed, 11 insertions, 0 deletions
diff --git a/sysutils/screen/files/patch-ansi.c b/sysutils/screen/files/patch-ansi.c
new file mode 100644
index 000000000000..dc5ba91b521a
--- /dev/null
+++ b/sysutils/screen/files/patch-ansi.c
@@ -0,0 +1,11 @@
+--- ansi.c.orig Mon Sep 8 07:24:44 2003
++++ ansi.c Mon Dec 1 17:17:17 2003
+@@ -559,7 +559,7 @@
+ {
+ case '0': case '1': case '2': case '3': case '4':
+ case '5': case '6': case '7': case '8': case '9':
+- if (curr->w_NumArgs < MAXARGS)
++ if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
+ {
+ if (curr->w_args[curr->w_NumArgs] < 100000000)
+ curr->w_args[curr->w_NumArgs] =