summaryrefslogtreecommitdiff
path: root/www/w3m
diff options
context:
space:
mode:
authoritojun <itojun@pkgsrc.org>2001-06-24 05:57:23 +0000
committeritojun <itojun@pkgsrc.org>2001-06-24 05:57:23 +0000
commit9edd0bfc01769db5a816ce56018b3b8f465fe6e7 (patch)
treef3d42d52a5a1cb4f16cbc907cf9e94fe538a5421 /www/w3m
parentdd719aa0d63c5beb410b01df147751f04e1b5c57 (diff)
downloadpkgsrc-9edd0bfc01769db5a816ce56018b3b8f465fe6e7.tar.gz
plug buffer overrun vulnerability in mime charset parsing. from bugtraq.
Diffstat (limited to 'www/w3m')
-rw-r--r--www/w3m/Makefile4
-rw-r--r--www/w3m/distinfo3
-rw-r--r--www/w3m/patches/patch-ag41
3 files changed, 45 insertions, 3 deletions
diff --git a/www/w3m/Makefile b/www/w3m/Makefile
index a4c0ffc31bf..45392a16106 100644
--- a/www/w3m/Makefile
+++ b/www/w3m/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.25 2001/05/19 03:56:41 jlam Exp $
+# $NetBSD: Makefile,v 1.26 2001/06/24 05:57:23 itojun Exp $
#
DISTNAME= w3m-0.2.1
-PKGNAME= w3m-0.2.1.0.19
+PKGNAME= w3m-0.2.1.0.19nb1
CATEGORIES= www
MASTER_SITES= ftp://ei5nazha.yz.yamagata-u.ac.jp/w3m/
diff --git a/www/w3m/distinfo b/www/w3m/distinfo
index 0402957b4ad..02605cee2d0 100644
--- a/www/w3m/distinfo
+++ b/www/w3m/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.2 2001/05/01 00:31:25 kei Exp $
+$NetBSD: distinfo,v 1.3 2001/06/24 05:57:23 itojun Exp $
SHA1 (w3m-0.2.1.tar.gz) = 3ae98283f02f4faf05af76ee0b022f01c1301d29
Size (w3m-0.2.1.tar.gz) = 844101 bytes
@@ -7,3 +7,4 @@ Size (w3m-0.2.1-m17n-0.19.patch.gz) = 1245263 bytes
SHA1 (patch-aa) = 9c8e45448aedb1959d155eef355fe5d37599e11c
SHA1 (patch-ab) = 08a28e40907f8c3040b1e9253caf14b8b4f0dc7e
SHA1 (patch-af) = f43380334a92c609afef4058b03f1ef72ae77e2e
+SHA1 (patch-ag) = e394cac02a053c8deb5cb6c2d946c9ae8edc891d
diff --git a/www/w3m/patches/patch-ag b/www/w3m/patches/patch-ag
new file mode 100644
index 00000000000..28dd41800de
--- /dev/null
+++ b/www/w3m/patches/patch-ag
@@ -0,0 +1,41 @@
+$NetBSD: patch-ag,v 1.1 2001/06/24 05:57:24 itojun Exp $
+
+plug buffer overrun vulnerability in mime charset parsing
+http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html
+
+--- mimehead.c Sun Jun 24 14:49:45 2001
++++ mimehead.c Sun Jun 24 14:46:53 2001
+@@ -173,27 +173,26 @@
+ decodeWord(char **ow)
+ {
+ #endif
+- char buf[32];
+ char *p, *w = *ow;
+ char method;
+ Str a = Strnew();
++ Str cs = Strnew();
+
+ if (*w != '=' || *(w + 1) != '?')
+ goto convert_fail;
+ w += 2;
+- for (p = buf; p - buf < 31 && *w != '?'; w++) {
++ for (; *w != '?'; w++) {
+ if (*w == '\0')
+ goto convert_fail;
+- *(p++) = *w;
++ Strcat_char(cs, *w);
+ }
+- *p = '\0';
+ #ifdef USE_M17N
+- c = wc_guess_charset(buf, 0);
++ c = wc_guess_charset(cs->ptr, 0);
+ if (! c)
+ goto convert_fail;
+ #else
+- if (strcasecmp(buf, "ISO-8859-1") != 0 &&
+- strcasecmp(buf, "US_ASCII") != 0)
++ if (Strcasecmp_charp(cs, "ISO-8859-1") != 0 &&
++ Strcasecmp_charp(cs, "US_ASCII") != 0)
+ /* NOT ISO-8859-1 encoding ... don't convert */
+ goto convert_fail;
+ #endif