From 20fb07058b9fc5e8fb288dffe85c35655f83534d Mon Sep 17 00:00:00 2001
From: Renato Botelho <garga@FreeBSD.org>
Date: Mon, 19 Sep 2005 17:37:17 +0000
Subject: - Fix build on >= 5.x - Fix MASTER_SITES - Patch for
 http://www.freebsd.org/ports/portaudit/807b9ddd-dc11-11d8-9b0a-000347a4fa7d.html
 (from debian project)

PR:		ports/84695
Submitted by:	Andrej Zverev <az@inec.ru>
Approved by:	maintainer (timeout, 40 days)
Security:	http://www.freebsd.org/ports/portaudit/807b9ddd-dc11-11d8-9b0a-000347a4fa7d.html
---
 net/l2tpd/files/patch-control.c | 22 ++++++++++++++++------
 1 file changed, 16 insertions(+), 6 deletions(-)

(limited to 'net/l2tpd/files/patch-control.c')

diff --git a/net/l2tpd/files/patch-control.c b/net/l2tpd/files/patch-control.c
index 92d4e18601a2..6e0b458d9baa 100644
--- a/net/l2tpd/files/patch-control.c
+++ b/net/l2tpd/files/patch-control.c
@@ -1,9 +1,6 @@
-
-$FreeBSD$
-
---- control.c	2002/10/22 09:41:27	1.1
-+++ control.c	2002/10/22 09:43:24
-@@ -15,8 +15,6 @@
+--- control.c.orig.o	Thu Apr 11 00:09:33 2002
++++ control.c	Tue Aug  9 13:20:07 2005
+@@ -16,8 +16,6 @@
  #include <errno.h>
  #include <string.h>
  #include <stdio.h>
@@ -12,3 +9,16 @@ $FreeBSD$
  #include <unistd.h>
  #include <stdlib.h>
  #include "l2tp.h"
+@@ -1582,6 +1580,12 @@
+     wbuf[pos++] = e;
+     for (x = 0; x < buf->len; x++)
+     {
++		// we must at least still have 3 bytes left in the worst case scenario:
++        // 1 for a possible escape, 1 for the value and 1 to end the PPP stream.
++        if(pos >= (sizeof(wbuf) - 4)) {
++            return -EINVAL;
++        }   
++
+         e = *((char *) buf->start + x);
+         if ((e < 0x20) || (e == PPP_ESCAPE) || (e == PPP_FLAG))
+         {
-- 
cgit v1.2.3