diff options
author | frueauf <frueauf> | 2005-11-01 20:09:50 +0000 |
---|---|---|
committer | frueauf <frueauf> | 2005-11-01 20:09:50 +0000 |
commit | b607e00a428d116873655a7527332a8df8e25292 (patch) | |
tree | 22276b85b85f2a97a5b64b9697b3bf8128aa54c0 /net/ethereal/patches | |
parent | 90468c7d69f6baeeac3605656cf5c7cedc2e8ac8 (diff) | |
download | pkgsrc-b607e00a428d116873655a7527332a8df8e25292.tar.gz |
Add patch for security issue published at http://secunia.com/product/1228/
taken from http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff?hideattic=1
Also bump version to 0.10.13nb1.
Diffstat (limited to 'net/ethereal/patches')
-rw-r--r-- | net/ethereal/patches/patch-ab | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/net/ethereal/patches/patch-ab b/net/ethereal/patches/patch-ab new file mode 100644 index 00000000000..183449d2be4 --- /dev/null +++ b/net/ethereal/patches/patch-ab @@ -0,0 +1,25 @@ +$NetBSD: patch-ab,v 1.7 2005/11/01 20:09:50 frueauf Exp $ + +Fixes security issue published at http://secunia.com/advisories/17370/. +Diff taken from http://www.gentoo.org/cgi-bin/viewcvs.cgi/*checkout*/net-analyzer/ethereal/files/ethereal-0.10.13-fix-irc-loop-DoS-CVE-2005-3313.diff?hideattic=1 + +--- epan/dissectors/packet-irc.c 2005/09/23 21:33:02 15985 ++++ epan/dissectors/packet-irc.c 2005/10/24 02:35:43 16290 +@@ -86,6 +86,17 @@ + * Find the end of the line. + */ + linelen = tvb_find_line_end(tvb, offset, -1, &next_offset, FALSE); ++ if (next_offset == offset) { ++ /* ++ * XXX - we really want the "show data a ++ * line at a time" loops in various ++ * dissectors to do reassembly and to ++ * throw an exception if there's no ++ * line ending in the current packet ++ * and we're not doing reassembly. ++ */ ++ break; ++ } + + if (linelen != 0) + { |