net/IglooFTP: fix potential endless loop for long passwords

author: rillig <rillig@pkgsrc.org> 2020-05-03 14:38:36 +0000
committer: rillig <rillig@pkgsrc.org> 2020-05-03 14:38:36 +0000
commit: 3911ba8ab808c3ba7b54666ee4d4ba5cbf15a6e5 (patch)
tree: d507a18e4b41c13e7590b04e990eaf924691e230 /net/IglooFTP/patches/patch-src_console_c
parent: ecdd9eec30ae56e422f8ce6117a2ff1299098e0a (diff)
download: pkgsrc-3911ba8ab808c3ba7b54666ee4d4ba5cbf15a6e5.tar.gz
1 files changed, 21 insertions, 0 deletions
diff --git a/net/IglooFTP/patches/patch-src_console_c b/net/IglooFTP/patches/patch-src_console_c
new file mode 100644
index 00000000000..593cdedd299
--- /dev/null
+++ b/net/IglooFTP/patches/patch-src_console_c
@@ -0,0 +1,21 @@
+$NetBSD: patch-src_console_c,v 1.1 2020/05/03 14:38:36 rillig Exp $
+
+Not sure whether this could lead to an endless loop when someone enters a
+long password.  Anyway, using a signed character as array index is wrong.
+
+Found by GCC's -Werror=char-subscripts.
+
+Not reported upstream because this package doesn't even have a homepage
+anymore.
+
+--- src/console.c.orig	1999-04-15 16:05:13.000000000 +0000
++++ src/console.c
+@@ -177,7 +177,7 @@ local_message (char *this_message)
+ 
+   if (strstr (this_message, "PASS"))
+     {
+-      register char f;
++      size_t f;
+       for (f = 5; f < strlen (this_message); f++)
+ 	this_message[f] = 'x';
+     }
author	rillig <rillig@pkgsrc.org>	2020-05-03 14:38:36 +0000
committer	rillig <rillig@pkgsrc.org>	2020-05-03 14:38:36 +0000
commit	3911ba8ab808c3ba7b54666ee4d4ba5cbf15a6e5 (patch)
tree	d507a18e4b41c13e7590b04e990eaf924691e230 /net/IglooFTP/patches/patch-src_console_c
parent	ecdd9eec30ae56e422f8ce6117a2ff1299098e0a (diff)
download	pkgsrc-3911ba8ab808c3ba7b54666ee4d4ba5cbf15a6e5.tar.gz