- Fix a security bug

Obtained from:	Freeciv SVN (-r 12105:12106)
Security:	http://www.vuxml.org/freebsd/2d9ad236-4d26-11db-b48d-00508d6a62df.html

3 files changed, 23 insertions, 1 deletions

diff --git a/games/freeciv/Makefile b/games/freeciv/Makefile
index cbb0da600d8a..97472888de72 100644
--- a/games/freeciv/Makefile
+++ b/games/freeciv/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	freeciv
 PORTVERSION=	2.0.8
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	games
 MASTER_SITES=	ftp://ftp.freeciv.org/pub/freeciv/stable/ SF
 
diff --git a/games/freeciv/files/patch-common__packets.c b/games/freeciv/files/patch-common__packets.c
new file mode 100644
index 000000000000..59f7ed09a072
--- /dev/null
+++ b/games/freeciv/files/patch-common__packets.c
@@ -0,0 +1,10 @@
+--- ./common/packets.c.orig	Mon Mar  6 06:35:23 2006
++++ ./common/packets.c	Tue Sep 26 11:21:55 2006
+@@ -577,6 +577,7 @@
+ 	  chunk->total_length, chunk->chunk_length);
+ 
+   if (chunk->total_length < 0
++      || chunk->chunk_length < 0
+       || chunk->total_length >= MAX_ATTRIBUTE_BLOCK
+       || chunk->offset < 0
+       || chunk->offset + chunk->chunk_length > chunk->total_length
diff --git a/games/freeciv/files/patch-server__unithand.c b/games/freeciv/files/patch-server__unithand.c
new file mode 100644
index 000000000000..b52b3e41029e
--- /dev/null
+++ b/games/freeciv/files/patch-server__unithand.c
@@ -0,0 +1,12 @@
+--- ./server/unithand.c.orig	Tue Dec 27 00:37:53 2005
++++ ./server/unithand.c	Tue Sep 26 11:21:55 2006
+@@ -1593,7 +1593,8 @@
+   struct unit *punit = player_find_unit_by_id(pplayer, packet->unit_id);
+   int i;
+ 
+-  if (!punit || packet->length < 0 || punit->activity != ACTIVITY_IDLE) {
++  if (!punit || packet->length < 0 || punit->activity != ACTIVITY_IDLE
++      || packet->length > MAX_LEN_ROUTE) {
+     return;
+   }
+