From 15d50ff35c5fc6139209ec6d11d8d8e2b1519a45 Mon Sep 17 00:00:00 2001
From: Cy Schubert <cy@FreeBSD.org>
Date: Tue, 2 Dec 2003 23:36:47 +0000
Subject: Fix buffer overflow that allows privilege escalation for local users.

Approved by:	will (using his portmgr hat)
Obtained from:	Timo Sirainen <tss@iki.fi> on BUGTRAQ
---
 misc/screen/files/patch-ansi.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
 create mode 100644 misc/screen/files/patch-ansi.c

(limited to 'misc/screen/files/patch-ansi.c')

diff --git a/misc/screen/files/patch-ansi.c b/misc/screen/files/patch-ansi.c
new file mode 100644
index 000000000000..dc5ba91b521a
--- /dev/null
+++ b/misc/screen/files/patch-ansi.c
@@ -0,0 +1,11 @@
+--- ansi.c.orig	Mon Sep  8 07:24:44 2003
++++ ansi.c	Mon Dec  1 17:17:17 2003
+@@ -559,7 +559,7 @@
+ 	    {
+ 	    case '0': case '1': case '2': case '3': case '4':
+ 	    case '5': case '6': case '7': case '8': case '9':
+-	      if (curr->w_NumArgs < MAXARGS)
++	      if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
+ 		{
+ 		  if (curr->w_args[curr->w_NumArgs] < 100000000)
+ 		    curr->w_args[curr->w_NumArgs] =
-- 
cgit v1.2.3