From 9f6e68c273ef23d8931905b25819b65a4c358f64 Mon Sep 17 00:00:00 2001
From: Jacques Vidrine
Date: Thu, 29 Nov 2001 15:06:19 +0000
Subject: Patch from vendor. From the ChangeLog: 2001-11-27 Flavio Veloso * gnuserv.c: Fix a potential buffer overflow in permitted() that may allow the client to execute code on the server.
---
devel/libgtop2/files/patch-src::daemon::gnuserv.c | 15 +++++++++++++++
1 file changed, 15 insertions(+)
create mode 100644 devel/libgtop2/files/patch-src::daemon::gnuserv.c
(limited to 'devel/libgtop2/files/patch-src::daemon::gnuserv.c')
diff --git a/devel/libgtop2/files/patch-src::daemon::gnuserv.c b/devel/libgtop2/files/patch-src::daemon::gnuserv.c
new file mode 100644
index 000000000000..8b0712a8d041
--- /dev/null
+++ b/devel/libgtop2/files/patch-src::daemon::gnuserv.c
@@ -0,0 +1,15 @@
+--- src/daemon/gnuserv.c.orig Thu Nov 29 08:58:40 2001
++++ src/daemon/gnuserv.c Thu Nov 29 08:58:17 2001
+@@ -200,6 +200,12 @@
+
+ auth_data_len = atoi (buf);
+
++ if (auth_data_len < 1 || auth_data_len > sizeof(buf)) {
++ syslog_message(LOG_WARNING,
++ "Invalid data length supplied by client");
++ return FALSE;
++ }
++
+ if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
+ return FALSE;
+
-- cgit v1.2.3
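Review bot: The new upper bound `auth_data_len > sizeof(buf)` still accepts a length equal to `sizeof(buf)`, so the `timed_read` that follows may fill `buf` completely and leave no room for a terminator; if code after the hunk treats `buf` as a string, `>=` is the safer test. The comparison also mixes a signed length with `size_t` and is correct only because the `< 1` test runs first, which deserves a cast or a comment: `if (auth_data_len < 1 || (size_t) auth_data_len >= sizeof(buf)) {`. The length itself still comes from `atoi (buf)` in the context line above, which cannot report a parse failure and has undefined behaviour on out-of-range input, so `strtol` with an end-pointer and `ERANGE` check would make the validation complete. The body of `permitted()` starts and ends outside the hunk, so the type of `auth_data_len` and the later use of `buf` are assumed, not visible.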