From 5a5fbb4af23ea43c786dcbc4bf6d1de8863aa61c Mon Sep 17 00:00:00 2001
From: Steve Price <steve@FreeBSD.org>
Date: Sun, 9 Aug 1998 00:10:45 +0000
Subject: Patch a potential buffer overflow from DFN-CERT#34784.

PR:		6851
Submitted by:	David Kelly <dkelly@nebula.tbe.com>
---
 www/w3c-httpd/files/patch-ca | 12 ++++++++++++
 1 file changed, 12 insertions(+)
 create mode 100644 www/w3c-httpd/files/patch-ca

(limited to 'www/w3c-httpd/files/patch-ca')

diff --git a/www/w3c-httpd/files/patch-ca b/www/w3c-httpd/files/patch-ca
new file mode 100644
index 000000000000..110d585868e2
--- /dev/null
+++ b/www/w3c-httpd/files/patch-ca
@@ -0,0 +1,12 @@
+--- Daemon/Implementation/CGIParse.c.orig	Wed Jun  3 12:38:15 1998
++++ Daemon/Implementation/CGIParse.c	Wed Jun  3 12:38:41 1998
+@@ -293,7 +293,8 @@
+ 	*cur = 0;
+ 
+ 	if (init) {
+-	    printf("QUERY_STRING='%s'; export QUERY_STRING\n", query_string);
++	    printf("QUERY_STRING='%s'; export QUERY_STRING\n",
++		sh_escape(query_string) );
+ 	    exit(0);
+ 	}
+     }
-- 
cgit v1.2.3