From 235d74f9546cab8a468e95a9bfd221f3d6ec77c7 Mon Sep 17 00:00:00 2001 From: Joe Marcus Clarke Date: Tue, 28 Sep 2004 03:20:33 +0000 Subject: Patch the various recently reported security vulnerabilities in Mozilla. This update covers the following Mozilla bugs: 245066 226669 250862 255067 256316 257317 258005 Thanks to nectar for scraping all of these patches together. Obtained from: Mozilla CVS Approved by: portmgr (implicit) --- www/mozilla-devel/files/patch-257314 | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) create mode 100644 www/mozilla-devel/files/patch-257314 (limited to 'www/mozilla-devel/files/patch-257314') diff --git a/www/mozilla-devel/files/patch-257314 b/www/mozilla-devel/files/patch-257314 new file mode 100644 index 000000000000..8bcc707b9dd9 --- /dev/null +++ b/www/mozilla-devel/files/patch-257314 @@ -0,0 +1,31 @@ +Index: nsVCardObj.cpp +=================================================================== +RCS file: /cvsroot/mozilla/mailnews/addrbook/src/nsVCardObj.cpp,v +retrieving revision 1.2 +retrieving revision 1.2.24.1 +diff -u -r1.2 -r1.2.24.1 +--- mailnews/addrbook/src/nsVCardObj.cpp 14 Sep 2003 21:45:58 -0000 1.2 ++++ mailnews/addrbook/src/nsVCardObj.cpp 31 Aug 2004 07:44:25 -0000 1.2.24.1 +@@ -1344,16 +1344,13 @@ + + static void writeGroup(OFile *fp, VObject *o) + { +- char buf1[256]; +- char buf2[256]; +- PL_strcpy(buf1,NAME_OF(o)); +- while ((o=isAPropertyOf(o,VCGroupingProp)) != 0) { +- PL_strcpy(buf2,STRINGZ_VALUE_OF(o)); +- PL_strcat(buf2,"."); +- PL_strcat(buf2,buf1); +- PL_strcpy(buf1,buf2); ++ nsCAutoString buf(NAME_OF(o)); ++ ++ while ((o=isAPropertyOf(o,VCGroupingProp)) != 0) { ++ buf.Insert(NS_LITERAL_CSTRING("."), 0); ++ buf.Insert(STRINGZ_VALUE_OF(o), 0); + } +- appendsOFile(fp,buf1); ++ appendsOFile(fp, buf.get()); + } + + static int inList(const char **list, const char *s) -- cgit v1.2.3