diff options
author | nectar <nectar@FreeBSD.org> | 2001-04-28 02:15:34 +0800 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2001-04-28 02:15:34 +0800 |
commit | 3d3b4c365b37791b3d74ced893445f51f21986c2 (patch) | |
tree | dc5fa8995f1f3213c21bace427b2787ab1fc7b9e /security/krb5-16 | |
parent | c87c369f4279d8f0ea3db78a39de6386593cc7d3 (diff) | |
download | freebsd-ports-gnome-3d3b4c365b37791b3d74ced893445f51f21986c2.tar.gz freebsd-ports-gnome-3d3b4c365b37791b3d74ced893445f51f21986c2.tar.zst freebsd-ports-gnome-3d3b4c365b37791b3d74ced893445f51f21986c2.zip |
Security fix:
``Buffer overflows exist in the FTP daemon included with MIT krb5.''
See <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and
<URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.
Obtained from: MIT Kerberos mailing list
Diffstat (limited to 'security/krb5-16')
-rw-r--r-- | security/krb5-16/files/patch-bd | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/security/krb5-16/files/patch-bd b/security/krb5-16/files/patch-bd new file mode 100644 index 000000000000..b2bf41284bb7 --- /dev/null +++ b/security/krb5-16/files/patch-bd @@ -0,0 +1,19 @@ +--- appl/gssftp/ftpd/ftpcmd.y.ORIG Wed Feb 28 16:06:45 2001 ++++ appl/gssftp/ftpd/ftpcmd.y Fri Apr 27 10:18:01 2001 +@@ -805,11 +805,13 @@ + * This is a valid reply in some cases but not in others. + */ + if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) { +- *(char **)&($$) = *ftpglob((char *) $1); +- if (globerr != NULL) { ++ char **vv; ++ vv = ftpglob((char *) $1); ++ if (vv == NULL || globerr != NULL) { + reply(550, globerr); + $$ = NULL; +- } ++ } else ++ $$ = *vv; + free((char *) $1); + } else + $$ = $1; |