Diffstat (limited to 'chat/bitchx/patches/patch-ar')
-rw-r--r-- | chat/bitchx/patches/patch-ar | 21 |
1 files changed, 0 insertions, 21 deletions
diff --git a/chat/bitchx/patches/patch-ar b/chat/bitchx/patches/patch-ar
deleted file mode 100644
index c887b648bf0..00000000000
--- a/chat/bitchx/patches/patch-ar
+++ /dev/null
@@ -1,21 +0,0 @@
-$NetBSD: patch-ar,v 1.1 2007/06/25 14:15:21 lkundrak Exp $
-
-This patch fixes CVE-2007-3360 flaw, where a malicious server could
-inject a hook possibly executiong malicious code and direct client
-into executing it by using bogus hook index.
-
---- source/hook.c.orig 2007-06-25 15:41:37.000000000 +0200
-+++ source/hook.c 2007-06-25 15:41:39.000000000 +0200
-@@ -837,6 +837,12 @@ int BX_do_hook (int which, char *format
- #ifdef WANT_TCL
- int tcl_ret = 0;
- #endif
-+
-+ /* CVE-2007-3360 boundary check */
-+ if (which >= sizeof(hook_functions)/sizeof(hook_functions[0])) {
-+ return NO_ACTION_TAKEN;
-+ }
-+
- /*
- * Figure out where the hooks are for the event type were asserting
- */ |