Fix buffer overflow in Socks 5 code, bump package revision.

author: tron <tron@pkgsrc.org> 2004-04-14 21:27:25 +0000
committer: tron <tron@pkgsrc.org> 2004-04-14 21:27:25 +0000
commit: 25ea9d376e818d664abce41249fb10937ce9543d (patch)
tree: 412e429c04719f669cec3c1b6f73cb69003cad0d /chat/xchat/patches/patch-aa
parent: e2744b67b24f4391e087cecf39282ca032f7bf71 (diff)
download: pkgsrc-25ea9d376e818d664abce41249fb10937ce9543d.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/chat/xchat/patches/patch-aa b/chat/xchat/patches/patch-aa
new file mode 100644
index 00000000000..9ef97e40edf
--- /dev/null
+++ b/chat/xchat/patches/patch-aa
@@ -0,0 +1,22 @@
+$NetBSD: patch-aa,v 1.8 2004/04/14 21:27:25 tron Exp $
+
+--- src/common/server.c.orig	Tue Dec  3 08:06:31 2002
++++ src/common/server.c	Wed Apr 14 23:18:45 2004
+@@ -837,7 +837,7 @@
+ 	struct sock5_connect1 sc1;
+ 	unsigned char *sc2;
+ 	unsigned int packetlen, addrlen;
+-	unsigned char buf[10];
++	unsigned char buf[260];
+ 
+ 	sc1.version = 5;
+ 	sc1.nmethods = 1;
+@@ -878,7 +878,7 @@
+ 	{
+ 		if (recv (sok, buf, 1, 0) != 1)
+ 			return 1;
+-		packetlen = buf[0] + 2;
++		packetlen = buf[0] + 2;	/* can't exceed 260 */
+ 		if (recv (sok, buf, packetlen, 0) != packetlen)
+ 			return 1;
+ 	}
author	tron <tron@pkgsrc.org>	2004-04-14 21:27:25 +0000
committer	tron <tron@pkgsrc.org>	2004-04-14 21:27:25 +0000
commit	25ea9d376e818d664abce41249fb10937ce9543d (patch)
tree	412e429c04719f669cec3c1b6f73cb69003cad0d /chat/xchat/patches/patch-aa
parent	e2744b67b24f4391e087cecf39282ca032f7bf71 (diff)
download	pkgsrc-25ea9d376e818d664abce41249fb10937ce9543d.tar.gz