summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authoradrianp <adrianp@pkgsrc.org>2006-11-18 14:32:58 +0000
committeradrianp <adrianp@pkgsrc.org>2006-11-18 14:32:58 +0000
commit14cf3a2fd9857e986cb5fd39fe134e91a427e08c (patch)
treef8e37f56b3d18a16f3384c1852d54ab359a27829
parentc2ae3278d956c3419db44a147f8ed6506100f396 (diff)
downloadpkgsrc-14cf3a2fd9857e986cb5fd39fe134e91a427e08c.tar.gz
Add patch-ac for CVE-2006-5815
Patch from ProFTPD CVS: http://proftp.cvs.sourceforge.net/proftp/proftpd/src/main.c?r1=1.292&r2=1.293&view=patch&sortby=date
-rw-r--r--net/proftpd/Makefile4
-rw-r--r--net/proftpd/distinfo3
-rw-r--r--net/proftpd/patches/patch-ac47
3 files changed, 51 insertions, 3 deletions
diff --git a/net/proftpd/Makefile b/net/proftpd/Makefile
index 7a435aa58d6..097797d36f6 100644
--- a/net/proftpd/Makefile
+++ b/net/proftpd/Makefile
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile,v 1.35 2006/05/01 21:17:06 minskim Exp $
+# $NetBSD: Makefile,v 1.36 2006/11/18 14:32:58 adrianp Exp $
DISTNAME= proftpd-1.3.0
-#PKGREVISION= 1
+PKGREVISION= 1
CATEGORIES= net
MASTER_SITES= ftp://ftp.proftpd.org/distrib/source/ \
ftp://ftp.servus.at/ProFTPD/distrib/source/ \
diff --git a/net/proftpd/distinfo b/net/proftpd/distinfo
index f9199396f28..0b91f5d2e86 100644
--- a/net/proftpd/distinfo
+++ b/net/proftpd/distinfo
@@ -1,7 +1,8 @@
-$NetBSD: distinfo,v 1.18 2006/04/17 05:33:09 martti Exp $
+$NetBSD: distinfo,v 1.19 2006/11/18 14:32:58 adrianp Exp $
SHA1 (proftpd-1.3.0.tar.bz2) = d117134035a3d8d130c5aa44d6b1788683a33410
RMD160 (proftpd-1.3.0.tar.bz2) = 46cdd29a6c6ce4c3dd8f1a972df0a52b90a6d2ec
Size (proftpd-1.3.0.tar.bz2) = 1386086 bytes
SHA1 (patch-aa) = 5ebfe97a0edb8ecee7495fd5d487eff3cf32d1fe
SHA1 (patch-ab) = 8886177b90089c8a2fa580aceb7a0514fe0ea6a7
+SHA1 (patch-ac) = 25a0b27773e5e025096cf08ad33243aaf143fbb8
diff --git a/net/proftpd/patches/patch-ac b/net/proftpd/patches/patch-ac
new file mode 100644
index 00000000000..9da9504f99d
--- /dev/null
+++ b/net/proftpd/patches/patch-ac
@@ -0,0 +1,47 @@
+$NetBSD: patch-ac,v 1.5 2006/11/18 14:32:58 adrianp Exp $
+
+--- src/main.c.orig 2006-11-18 14:24:35.000000000 +0000
++++ src/main.c
+@@ -116,6 +116,8 @@ static unsigned char have_dead_child = F
+
+ static char sbuf[PR_TUNABLE_BUFFER_SIZE] = {'\0'};
+
++#define PR_DEFAULT_CMD_BUFSZ 512
++
+ static char **Argv = NULL;
+ static char *LastArgv = NULL;
+ static const char *PidPath = PR_PID_FILE_PATH;
+@@ -820,16 +822,25 @@ static void cmd_loop(server_rec *server,
+ pr_timer_reset(TIMER_IDLE, NULL);
+
+ if (cmd_buf_size == -1) {
+- long *buf_size = get_param_ptr(main_server->conf,
+- "CommandBufferSize", FALSE);
++ int *bufsz = get_param_ptr(main_server->conf, "CommandBufferSize",
++ FALSE);
+
+- if (buf_size == NULL || *buf_size <= 0)
+- cmd_buf_size = 512;
++ if (bufsz == NULL ||
++ *bufsz <= 0) {
++ pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
++ "given, resetting to default buffer size (%u)",
++ *bufsz, (unsigned int) PR_DEFAULT_CMD_BUFSZ);
++ cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
++
++ } else if (*bufsz + 1 > sizeof(buf)) {
++ pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
++ "given, resetting to default buffer size (%u)",
++ *bufsz, (unsigned int) PR_DEFAULT_CMD_BUFSZ);
++ cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
+
+- else if (*buf_size + 1 > sizeof(buf)) {
+- pr_log_pri(PR_LOG_WARNING, "Invalid CommandBufferSize size given. "
+- "Resetting to 512.");
+- cmd_buf_size = 512;
++ } else {
++ pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
++ cmd_buf_size = (long) *bufsz;
+ }
+ }
+