summaryrefslogtreecommitdiff
path: root/mail/fetchmail/patches/patch-ab
diff options
context:
space:
mode:
Diffstat (limited to 'mail/fetchmail/patches/patch-ab')
-rw-r--r--mail/fetchmail/patches/patch-ab34
1 files changed, 34 insertions, 0 deletions
diff --git a/mail/fetchmail/patches/patch-ab b/mail/fetchmail/patches/patch-ab
new file mode 100644
index 00000000000..26d8bd6a4d5
--- /dev/null
+++ b/mail/fetchmail/patches/patch-ab
@@ -0,0 +1,34 @@
+$NetBSD: patch-ab,v 1.18 2008/06/19 11:29:49 obache Exp $
+
+CVE-2008-2711
+http://fetchmail.berlios.de/fetchmail-SA-2008-01.txt
+
+--- report.c.orig 2006-03-14 08:53:31.000000000 +0000
++++ report.c
+@@ -238,11 +238,17 @@ report_build (FILE *errfp, message, va_a
+ rep_ensuresize();
+
+ #if defined(VA_START)
+- VA_START (args, message);
+ for ( ; ; )
+ {
++ /*
++ * args has to be initialized before every call of vsnprintf(),
++ * because vsnprintf() invokes va_arg macro and thus args is
++ * undefined after the call.
++ */
++ VA_START(args, message);
+ n = vsnprintf (partial_message + partial_message_size_used, partial_message_size - partial_message_size_used,
+ message, args);
++ va_end (args);
+
+ if (n >= 0
+ && (unsigned)n < partial_message_size - partial_message_size_used)
+@@ -254,7 +260,6 @@ report_build (FILE *errfp, message, va_a
+ partial_message_size += 2048;
+ partial_message = REALLOC (partial_message, partial_message_size);
+ }
+- va_end (args);
+ #else
+ for ( ; ; )
+ {
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-29 23:22:55 +0000