diff options
| author | nectar <nectar@FreeBSD.org> | 2004-01-29 21:15:44 +0800 |
|---|---|---|
| committer | nectar <nectar@FreeBSD.org> | 2004-01-29 21:15:44 +0800 |
| commit | b681ec0834b9a2694811f68623651fdf6e06e159 (patch) | |
| tree | 2d7eab9a4fef26294ec72ef9885754802c45fa36 /net | |
| parent | 5227368cea6f32d0fc17950d922986ed40605788 (diff) | |
| download | freebsd-ports-gnome-b681ec0834b9a2694811f68623651fdf6e06e159.tar.gz freebsd-ports-gnome-b681ec0834b9a2694811f68623651fdf6e06e159.tar.zst freebsd-ports-gnome-b681ec0834b9a2694811f68623651fdf6e06e159.zip | |
Correct a regression introduced in the previous security fix that
could cause Gaim to go into a tight loop and ultimately crash on
receipt of a malformed Yahoo! Messenger packet.
Reported by: Joseph Martin via Stefan Esser ("the other one, not ours")
Diffstat (limited to 'net')
| -rw-r--r-- | net/gaim/Makefile | 2 | ||||
| -rw-r--r-- | net/gaim/files/patch-src::protocols::yahoo::yahoo.c | 15 |
2 files changed, 9 insertions, 8 deletions
diff --git a/net/gaim/Makefile b/net/gaim/Makefile index e58e0e2ad861..2b698e0d495c 100644 --- a/net/gaim/Makefile +++ b/net/gaim/Makefile @@ -6,7 +6,7 @@ PORTNAME= gaim PORTVERSION= 0.75 -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES?= net MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= ${PORTNAME} diff --git a/net/gaim/files/patch-src::protocols::yahoo::yahoo.c b/net/gaim/files/patch-src::protocols::yahoo::yahoo.c index ecb6ec9f450b..f8cffc43cf54 100644 --- a/net/gaim/files/patch-src::protocols::yahoo::yahoo.c +++ b/net/gaim/files/patch-src::protocols::yahoo::yahoo.c @@ -1,5 +1,5 @@ -*** src/protocols/yahoo/yahoo.c.orig Thu Jan 22 09:57:03 2004 ---- src/protocols/yahoo/yahoo.c Thu Jan 22 10:15:11 2004 +*** src/protocols/yahoo/yahoo.c.orig Fri Jan 9 23:04:09 2004 +--- src/protocols/yahoo/yahoo.c Tue Jan 27 14:10:22 2004 *************** *** 20,25 **** --- 20,26 ---- @@ -12,12 +12,13 @@ #include "account.h" *************** *** 131,138 **** ---- 132,146 ---- +--- 132,147 ---- while (pos + 1 < len) { if (data[pos] == 0xc0 && data[pos + 1] == 0x80) break; + if (x >= sizeof(key)-1) { + x++; ++ pos++; + continue; + + } @@ -62,7 +63,7 @@ static void yahoo_process_mail(GaimConnection *gc, struct yahoo_packet *pkt) { GaimAccount *account = gaim_connection_get_account(gc); ---- 876,941 ---- +--- 877,942 ---- } } @@ -163,7 +164,7 @@ gaim_input_remove(gc->inpa); close(source); /* Now we have our cookies to login with. I'll go get the milk. */ ---- 1945,1974 ---- +--- 1946,1975 ---- static void yahoo_web_pending(gpointer data, gint source, GaimInputCondition cond) { @@ -203,7 +204,7 @@ } static void yahoo_got_cookies(gpointer data, gint source, GaimInputCondition cond) ---- 1977,1983 ---- +--- 1978,1984 ---- yahoo_got_web_connected, gc) != 0) { gaim_connection_error(gc, _("Connection problem")); return; @@ -228,7 +229,7 @@ *d = *c; *d = '\0'; g_hash_table_insert(hash, g_strdup(name), g_strdup(value)); ---- 2014,2030 ---- +--- 2015,2031 ---- const char *c = buf; char *d; char name[64], value[64]; |