author | cy <cy@FreeBSD.org> | 2004-06-05 00:37:32 +0800 |
---|---|---|
committer | cy <cy@FreeBSD.org> | 2004-06-05 00:37:32 +0800 |
commit | a4c393af57fea09e1c420e73b8f89f0802af76fa (patch) | |
tree | 601e1ef432257e990285a9158af7be2bafb67aa4 /security/krb5 | |
parent | bc5b41712283c8115c9b19f5fa84936600383aa2 (diff) | |
Updated patch for MITKRB5-SA-2004-001: krb5_aname_to_localname buffer overrun.
Obtained from: Tom Yu <tlyu@mit.edu> on BUGTRAQ
Diffstat (limited to 'security/krb5')
-rw-r--r-- | security/krb5/Makefile | 4 | ||||
-rw-r--r-- | security/krb5/files/patch-lib::krb5::os::an_to_ln.c | 24 |
2 files changed, 15 insertions, 13 deletions
diff --git a/security/krb5/Makefile b/security/krb5/Makefile index a98fbd4d6da6..1a755930edd8 100644 --- a/security/krb5/Makefile +++ b/security/krb5/Makefile @@ -7,7 +7,7 @@ PORTNAME= krb5 PORTVERSION= 1.3.3 -PORTREVISION= 1 +PORTREVISION= 2 CATEGORIES= security # USE_TARBALL tells the port that the user has fetched the source # directly from MIT or crypto-publish.org (CRYTPO-PUBLISH). @@ -16,7 +16,7 @@ USE_KRB5_TARBALL?= MIT .if defined(USE_KRB5_TARBALL) && ${USE_KRB5_TARBALL} == "CRYPTO-PUBLISH" # XXX crypto-publish.org still distributes krb5-1.3.1 PORTVERSION= 1.3.1 -PORTREVISION= 4 +PORTREVISION= 5 # XXX --- MASTER_SITES= http://www.crypto-publish.org/dist/mit-kerberos5/ EXTRACT_SUFX= .tar.gz diff --git a/security/krb5/files/patch-lib::krb5::os::an_to_ln.c b/security/krb5/files/patch-lib::krb5::os::an_to_ln.c index 6f29aa668e48..20b39752093f 100644 --- a/security/krb5/files/patch-lib::krb5::os::an_to_ln.c +++ b/security/krb5/files/patch-lib::krb5::os::an_to_ln.c @@ -1,5 +1,5 @@ --- lib/krb5/os/an_to_ln.c.orig Tue Sep 3 12:29:34 2002 -+++ lib/krb5/os/an_to_ln.c Wed Jun 2 11:17:19 2004 ++++ lib/krb5/os/an_to_ln.c Fri Jun 4 09:19:24 2004 @@ -270,9 +270,14 @@ * If no regcomp() then just return the input string verbatim in the output * string. @@ -40,7 +40,7 @@ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out)); matched = 0; } -@@ -322,17 +332,21 @@ +@@ -322,17 +332,22 @@ sdispl = (size_t) (loc1 - cp); edispl = (size_t) (loc2 - cp); if (sdispl) { @@ -52,9 +52,11 @@ strncpy(op, repl, MAX_FORMAT_BUFFER - 1 - (op - out)); op += strlen(repl); cp += edispl; - if (!doall) +- if (!doall) ++ if (!doall) { + use_bytes(strlen(cp)); strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out)); ++ } matched = 1; } else { @@ -62,7 +64,7 @@ strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out)); matched = 0; } -@@ -340,7 +354,15 @@ +@@ -340,7 +355,15 @@ #else /* HAVE_REGEXP_H */ memcpy(out, in, MAX_FORMAT_BUFFER); #endif /* HAVE_REGCOMP */ 
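Review bot: The braces added around `if (!doall) { use_bytes(strlen(cp)); strncpy(op, cp, MAX_FORMAT_BUFFER - 1 - (op - out)); }` in the `@@ -52,9 +52,11 @@` hunk of patch-lib::krb5::os::an_to_ln.c repair this one call site, but the same mistake stays possible wherever `use_bytes` is used without braces. The definition of `use_bytes` is not in the visible lines, so this is inferred: if it is a macro that expands to more than one statement, an unbraced `if (...) use_bytes(n);` would leave the length check or the following copy outside the condition. In that case wrap the macro body in `do { ... } while (0)`, and add a one-line comment at the definition such as `/* use_bytes(n): account for n output bytes before every copy into out; bail out if the total exceeds MAX_FORMAT_BUFFER */`, adjusted to what the macro really does. The enclosing function starts and ends outside this hunk, so the other `strncpy(op, ...)` sites should be checked against the full file to confirm each is preceded by a `use_bytes` call.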
@@ -78,7 +80,7 @@ /* * aname_replacer() - Perform the specified substitutions on the input -@@ -412,7 +434,12 @@ +@@ -412,7 +435,12 @@ /* Do the replacemenbt */ memset(out, '\0', MAX_FORMAT_BUFFER); @@ -92,7 +94,7 @@ free(rule); free(repl); -@@ -459,6 +486,7 @@ +@@ -459,6 +487,7 @@ char *fprincname; char *selstring = 0; int num_comps, compind; @@ -100,7 +102,7 @@ char *cout; krb5_data *datap; char *outstring; -@@ -479,6 +507,7 @@ +@@ -479,6 +508,7 @@ */ current = strchr(current, ':'); selstring = (char *) malloc(MAX_FORMAT_BUFFER); @@ -108,7 +110,7 @@ if (current && selstring) { current++; cout = selstring; -@@ -497,6 +526,14 @@ +@@ -497,6 +527,14 @@ aname, compind-1)) ) { @@ -123,7 +125,7 @@ strncpy(cout, datap->data, (unsigned) datap->length); -@@ -527,7 +564,7 @@ +@@ -527,7 +565,7 @@ else kret = KRB5_CONFIG_BADFORMAT; @@ -132,7 +134,7 @@ free(selstring); } } -@@ -643,7 +680,7 @@ +@@ -643,7 +681,7 @@ const char *hierarchy[5]; char **mapping_values; int i, nvalid; @@ -141,7 +143,7 @@ char *typep, *argp; unsigned int lnsize; -@@ -677,11 +714,14 @@ +@@ -677,11 +715,14 @@ /* Just use the last one. */ /* Trim the value. */ |