diff options
author | agc <agc> | 2004-02-10 17:26:34 +0000 |
---|---|---|
committer | agc <agc> | 2004-02-10 17:26:34 +0000 |
commit | 54cbf37e39fd122be188102ad0638e5e71185d6f (patch) | |
tree | 5c9bfce648f7c039374e43360455c7e99ec1ebb5 | |
parent | be6c3e8590921065a001a38ce3a7d469f71d8b8c (diff) | |
download | pkgsrc-54cbf37e39fd122be188102ad0638e5e71185d6f.tar.gz |
Pullup security fix to the pkgsrc-2003Q4 branch, requested by Matthias
Scheler.
Module Name: pkgsrc
Committed By: tron
Date: Tue Feb 10 09:32:47 UTC 2004
Modified Files:
pkgsrc/audio/mpg123: Makefile distinfo
pkgsrc/audio/mpg123-esound: Makefile
pkgsrc/audio/mpg123-nas: Makefile
Added Files:
pkgsrc/audio/mpg123/patches: patch-aq
Log Message:
Fix security vulnerability reported in CAN-2003-0865. Bump package revision
because of this fix.
-rw-r--r-- | audio/mpg123/patches/patch-aq | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/audio/mpg123/patches/patch-aq b/audio/mpg123/patches/patch-aq new file mode 100644 index 00000000000..aa979419425 --- /dev/null +++ b/audio/mpg123/patches/patch-aq @@ -0,0 +1,25 @@ +$NetBSD: patch-aq,v 1.1.2.2 2004/02/10 17:26:34 agc Exp $ + +--- httpget.c.orig Tue Feb 10 10:14:29 2004 ++++ httpget.c Tue Feb 10 10:18:07 2004 +@@ -55,11 +55,10 @@ + #endif + int pos = 0; + +- while(1) { ++ while(pos < (maxlen - 1)) { + if( read(fileno(f),string+pos,1) == 1) { + pos++; + if(string[pos-1] == '\n') { +- string[pos] = 0; + break; + } + } +@@ -78,6 +77,7 @@ + } + #endif + ++ string[pos] = '\0'; + } + + void encode64 (char *source,char *destination) |