From 3d3b4c365b37791b3d74ced893445f51f21986c2 Mon Sep 17 00:00:00 2001
From: nectar <nectar@FreeBSD.org>
Date: Fri, 27 Apr 2001 18:15:34 +0000
Subject: Security fix:   ``Buffer overflows exist in the FTP daemon included
 with MIT krb5.''   See
 <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf.txt> and  
 <URL:http://web.mit.edu/kerberos/www/advisories/ftpbuf_122_patch.txt>.

Obtained from:  MIT Kerberos mailing list
---
 security/krb5-16/files/patch-bd | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 security/krb5-16/files/patch-bd

(limited to 'security/krb5-16')

diff --git a/security/krb5-16/files/patch-bd b/security/krb5-16/files/patch-bd
new file mode 100644
index 00000000000..b2bf41284bb
--- /dev/null
+++ b/security/krb5-16/files/patch-bd
@@ -0,0 +1,19 @@
+--- appl/gssftp/ftpd/ftpcmd.y.ORIG	Wed Feb 28 16:06:45 2001
++++ appl/gssftp/ftpd/ftpcmd.y	Fri Apr 27 10:18:01 2001
+@@ -805,11 +805,13 @@
+ 		 * This is a valid reply in some cases but not in others.
+ 		 */
+ 		if (logged_in && $1 && strncmp((char *) $1, "~", 1) == 0) {
+-			*(char **)&($$) = *ftpglob((char *) $1);
+-			if (globerr != NULL) {
++			char **vv;
++			vv = ftpglob((char *) $1);
++			if (vv == NULL || globerr != NULL) {
+ 				reply(550, globerr);
+ 				$$ = NULL;
+-			}
++			} else
++				$$ = *vv;
+ 			free((char *) $1);
+ 		} else
+ 			$$ = $1;
-- 
cgit