Fix CVE-2012-3482

patch from http://gitorious.org/fetchmail/fetchmail/commit/3fbc7cd331602c76f882d1b507cd05c1d824ba8b/diffs
author: tez <tez@pkgsrc.org> 2012-08-21 15:49:54 +0000
committer: tez <tez@pkgsrc.org> 2012-08-21 15:49:54 +0000
commit: 8a042046385fb7540bf91654979508af9dfdb8d4 (patch)
tree: 6ee09397e257c217e7d8fe7b5f03285bfa07ac7d /mail/fetchmail/patches
parent: e4516dabee28ae8d66c569f14c060de0ef1285d3 (diff)
download: pkgsrc-8a042046385fb7540bf91654979508af9dfdb8d4.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/mail/fetchmail/patches/patch-ntlmsubr.c b/mail/fetchmail/patches/patch-ntlmsubr.c
new file mode 100644
index 00000000000..8281fce6c84
--- /dev/null
+++ b/mail/fetchmail/patches/patch-ntlmsubr.c
@@ -0,0 +1,22 @@
+$NetBSD: patch-ntlmsubr.c,v 1.1 2012/08/21 15:49:54 tez Exp $
+
+Fix CVE-2012-3482
+patch from http://gitorious.org/fetchmail/fetchmail/commit/3fbc7cd331602c76f882d1b507cd05c1d824ba8b/diffs
+
+--- ntlmsubr.c.orig	2012-08-21 15:19:44.585694400 +0000
++++ ntlmsubr.c
+@@ -55,7 +55,13 @@ int ntlm_helper(int sock, struct query *
+     if ((result = gen_recv(sock, msgbuf, sizeof msgbuf)))
+ 	goto cancelfail;
+ 
+-    (void)from64tobits (&challenge, msgbuf, sizeof(challenge));
++    if ((result = from64tobits (&challenge, msgbuf, sizeof(challenge))) < 0) {
++	report (stderr, GT_("could not decode BASE64 challenge\n"));
++	/* We do not goto cancelfail; the server has already sent the
++	* tagged reply, so the protocol exchange has ended, no need
++	* for us to send the asterisk. */
++	return PS_AUTHFAIL;
++    }
+ 
+     if (outlevel >= O_DEBUG)
+ 	dumpSmbNtlmAuthChallenge(stdout, &challenge);
author	tez <tez@pkgsrc.org>	2012-08-21 15:49:54 +0000
committer	tez <tez@pkgsrc.org>	2012-08-21 15:49:54 +0000
commit	8a042046385fb7540bf91654979508af9dfdb8d4 (patch)
tree	6ee09397e257c217e7d8fe7b5f03285bfa07ac7d /mail/fetchmail/patches
parent	e4516dabee28ae8d66c569f14c060de0ef1285d3 (diff)
download	pkgsrc-8a042046385fb7540bf91654979508af9dfdb8d4.tar.gz