diff options
author | stefan <stefan@FreeBSD.org> | 2008-10-19 16:09:02 +0800 |
---|---|---|
committer | stefan <stefan@FreeBSD.org> | 2008-10-19 16:09:02 +0800 |
commit | bedf41ba6f3d3f15b03b508bac7b58f3e63d2e6f (patch) | |
tree | 99f0c7db40027c75e8b43a8212f217041965e402 /comms | |
parent | 335be67fd5125747d98086cec10f84bdb2fb003b (diff) | |
download | freebsd-ports-gnome-bedf41ba6f3d3f15b03b508bac7b58f3e63d2e6f.tar.gz freebsd-ports-gnome-bedf41ba6f3d3f15b03b508bac7b58f3e63d2e6f.tar.zst freebsd-ports-gnome-bedf41ba6f3d3f15b03b508bac7b58f3e63d2e6f.zip |
Fix a potential buffer overflow.
PR: 128216
Submitted by: maintainer
Diffstat (limited to 'comms')
-rw-r--r-- | comms/qpage/Makefile | 2 | ||||
-rw-r--r-- | comms/qpage/files/patch-srvrsnpp.c | 28 |
2 files changed, 29 insertions, 1 deletions
diff --git a/comms/qpage/Makefile b/comms/qpage/Makefile index 3d47844fce45..d08258a0c56d 100644 --- a/comms/qpage/Makefile +++ b/comms/qpage/Makefile @@ -7,7 +7,7 @@ PORTNAME= qpage PORTVERSION= 3.3 -PORTREVISION= 4 +PORTREVISION= 5 CATEGORIES= comms MASTER_SITES= http://www.qpage.org/download/ EXTRACT_SUFX= .tar.Z diff --git a/comms/qpage/files/patch-srvrsnpp.c b/comms/qpage/files/patch-srvrsnpp.c new file mode 100644 index 000000000000..95b27126e8ad --- /dev/null +++ b/comms/qpage/files/patch-srvrsnpp.c @@ -0,0 +1,28 @@ +--- srvrsnpp.c.orig 1998-10-25 14:55:05.000000000 -0500 ++++ srvrsnpp.c 2008-10-18 18:09:44.175331511 -0400 +@@ -523,6 +523,7 @@ + char *errmsg; + char *a; + char *b; ++ char *m; + int i; + int badarg; + int gotpager; +@@ -701,7 +702,16 @@ + + p->created = time(NULL); + (void)sprintf(buff, "%d", pagecount++); +- (void)strcat(p->messageid, buff); ++ m = (void *)malloc(sizeof(*m) * strlen(p->messageid) + sizeof(*m) * strlen(buff)); ++ if ( m == NULL ) { ++ message("554 Message failed (out of memory)"); ++ qpage_log(LOG_ERR, "snpp(): cannot allocate memory for p->messageid"); ++ clear_page(p, TRUE); ++ break; ++ } ++ (void)sprintf(m, "%s%s", p->messageid, buff); ++ my_free(p->messageid); ++ p->messageid = m; + + qpage_log(LOG_ALERT, "page submitted, id=%s, from=%s", + p->messageid, |