aboutsummaryrefslogtreecommitdiffstats
path: root/net/zebra-devel
diff options
context:
space:
mode:
authorandreas <andreas@FreeBSD.org>2000-12-27 22:19:33 +0800
committerandreas <andreas@FreeBSD.org>2000-12-27 22:19:33 +0800
commitb933a030362f4579fab42ec6f0987773c2053834 (patch)
treea6c3d26653f2e02124f7b4b9d360a03fc15b5236 /net/zebra-devel
parentf1a65c8c96f21fad98f82846ac5451af7f436e3e (diff)
downloadfreebsd-ports-graphics-b933a030362f4579fab42ec6f0987773c2053834.tar.gz
freebsd-ports-graphics-b933a030362f4579fab42ec6f0987773c2053834.tar.zst
freebsd-ports-graphics-b933a030362f4579fab42ec6f0987773c2053834.zip
Fix vty memory leak
Patch in PR contains typo, got clean patch from zebra anon cvs server Wrote e-mail to security officer and freebsd-audit to ask for a) review b) what to do next (FreeBSD Ports Security Advisory?...) concerning a) the author of zebra already ok'd the patch. converning b) waiting for SO or fbsd-auditers to respond PR: 23856 Submitted by: Vincent Poy <vince@oahu.WURLDLINK.NET> Reviewed by: Kunihiro Ishiguro <kunihiro@zebra.org> Approved by: Kunihiro Ishiguro <kunihiro@zebra.org> Obtained from: PR (partly) + zebra anon cvs server
Diffstat (limited to 'net/zebra-devel')
-rw-r--r--net/zebra-devel/Makefile1
-rw-r--r--net/zebra-devel/files/patch-001_vty_memory_leak18
2 files changed, 19 insertions, 0 deletions
diff --git a/net/zebra-devel/Makefile b/net/zebra-devel/Makefile
index c3aaa4063dd..b05feb461b6 100644
--- a/net/zebra-devel/Makefile
+++ b/net/zebra-devel/Makefile
@@ -7,6 +7,7 @@
PORTNAME= zebra
PORTVERSION= 0.89a
+PORTREVISION= 1
CATEGORIES= net ipv6
MASTER_SITES= ftp://ftp.zebra.org/pub/zebra/
# you might need debugging, it's a developer release !
diff --git a/net/zebra-devel/files/patch-001_vty_memory_leak b/net/zebra-devel/files/patch-001_vty_memory_leak
new file mode 100644
index 00000000000..1800c6f3cad
--- /dev/null
+++ b/net/zebra-devel/files/patch-001_vty_memory_leak
@@ -0,0 +1,18 @@
+--- vty.c.orig Tue Sep 26 23:03:12 2000
++++ vty.c Tue Dec 26 23:18:00 2000
+@@ -1850,10 +1849,13 @@
+ printf ("line: %s\n", buf);
+ #endif /* VTYSH_DEBUG */
+
++ vty_ensure (vty, nbytes);
++ memcpy (vty->buf, buf, nbytes);
++
+ /* Pass this line to parser. */
+- vty->buf = buf;
+ ret = vty_execute (vty);
+- vty->buf = NULL;
++
++ vty_clear_buf (vty);
+
+ /* Return result. */
+ #ifdef VTYSH_DEBUG