From abf5538bd496df453f5787219191e9e96cb14d0c Mon Sep 17 00:00:00 2001
From: Sunpoet Po-Chuan Hsieh <sunpoet@FreeBSD.org>
Date: Fri, 12 Sep 2014 07:41:09 +0000
Subject: - Fix heap-based buffer overflow in formisc.c - Bump PORTREVISION for
 package change

Security:	CVE-2014-3618
MFH:		2014Q3
---
 mail/procmail/files/patch-src-formisc.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
 create mode 100644 mail/procmail/files/patch-src-formisc.c

(limited to 'mail/procmail/files/patch-src-formisc.c')

diff --git a/mail/procmail/files/patch-src-formisc.c b/mail/procmail/files/patch-src-formisc.c
new file mode 100644
index 000000000000..2743d6c5f94a
--- /dev/null
+++ b/mail/procmail/files/patch-src-formisc.c
@@ -0,0 +1,16 @@
+--- src/formisc.c.orig	2001-06-29 10:20:45.000000000 +0800
++++ src/formisc.c	2014-09-12 00:58:12.989105253 +0800
+@@ -84,12 +84,11 @@
+ 	case '"':*target++=delim='"';start++;
+       }
+      ;{ int i;
+-	do
++	while(*start)
+ 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
+ 	      break;
+ 	   else if(i=='\\'&&*start)		    /* skip quoted character */
+ 	      *target++= *start++;
+-	while(*start);						/* anything? */
+       }
+      hitspc=2;
+    }
-- 
cgit v1.2.3