summaryrefslogtreecommitdiff
path: root/misc/mc
diff options
context:
space:
mode:
authorMax Khon <fjoe@FreeBSD.org>2004-04-05 18:26:25 +0000
committerMax Khon <fjoe@FreeBSD.org>2004-04-05 18:26:25 +0000
commite6997d75da9671a866956e5d2cdcac37ca44475b (patch)
tree03ff0c4621e082e739224fe22b65fb02f7cb5ac5 /misc/mc
parentMark as deprecated. Original submitter of port confirms that the project (diff)
Fix buffer overflow (CAN-2003-1023).
Bump PORTREVISION. Obtained from: Fedora Core 1 Updates
Diffstat (limited to 'misc/mc')
-rw-r--r--misc/mc/Makefile2
-rw-r--r--misc/mc/files/patch-CAN-2003-102339
2 files changed, 40 insertions, 1 deletions
diff --git a/misc/mc/Makefile b/misc/mc/Makefile
index 00fc68fa40a6..83a55efe1f9f 100644
--- a/misc/mc/Makefile
+++ b/misc/mc/Makefile
@@ -7,7 +7,7 @@
PORTNAME= mc
PORTVERSION= 4.6.0
-PORTREVISION= 8
+PORTREVISION= 9
CATEGORIES= misc shells
MASTER_SITES= ${MASTER_SITE_SUNSITE}
MASTER_SITE_SUBDIR= utils/file/managers/mc/
diff --git a/misc/mc/files/patch-CAN-2003-1023 b/misc/mc/files/patch-CAN-2003-1023
new file mode 100644
index 000000000000..cf033e9adc70
--- /dev/null
+++ b/misc/mc/files/patch-CAN-2003-1023
@@ -0,0 +1,39 @@
+--- vfs/direntry.c.orig 2002-12-25 21:21:43.000000000 -0500
++++ vfs/direntry.c 2004-01-21 09:38:53.000000000 -0500
+@@ -375,21 +375,31 @@ vfs_s_resolve_symlink (vfs *me, vfs_s_en
+
+ /* Convert absolute paths to relative ones */
+ if (*linkname == PATH_SEP) {
+- char *p, *q;
++ char *p, *q, *r, *end;
+
+ for (p = path, q = entry->ino->linkname; *p == *q; p++, q++);
+ while (*(--q) != PATH_SEP);
+ q++;
++ r = buf;
++ end = buf + MC_MAXPATHLEN;
+ for (;; p++) {
+ p = strchr (p, PATH_SEP);
+ if (!p) {
+- strcat (buf, q);
++ size_t len = strlen (q);
++
++ if (r + len >= end)
++ break;
++
++ memcpy (r, q, len + 1);
++ linkname = buf;
+ break;
+ }
+- strcat (buf, "..");
+- strcat (buf, PATH_SEP_STR);
++
++ if (r + sizeof (".." PATH_SEP_STR) > end)
++ break;
++ memcpy (r, ".." PATH_SEP_STR, sizeof (".." PATH_SEP_STR) - 1);
++ r += sizeof (".." PATH_SEP_STR) - 1;
+ }
+- linkname = buf;
+ }
+
+ return (MEDATA->find_entry) (me, entry->dir, linkname, follow - 1, 0);