summaryrefslogtreecommitdiff
path: root/www/w3m/patches/patch-ag
diff options
context:
space:
mode:
Diffstat (limited to 'www/w3m/patches/patch-ag')
-rw-r--r--www/w3m/patches/patch-ag41
1 files changed, 41 insertions, 0 deletions
diff --git a/www/w3m/patches/patch-ag b/www/w3m/patches/patch-ag
new file mode 100644
index 00000000000..28dd41800de
--- /dev/null
+++ b/www/w3m/patches/patch-ag
@@ -0,0 +1,41 @@
+$NetBSD: patch-ag,v 1.1 2001/06/24 05:57:24 itojun Exp $
+
+plug buffer overrun vulnerability in mime charset parsing
+http://mi.med.tohoku.ac.jp/~satodai/w3m-dev-en/200106.month/537.html
+
+--- mimehead.c Sun Jun 24 14:49:45 2001
++++ mimehead.c Sun Jun 24 14:46:53 2001
+@@ -173,27 +173,26 @@
+ decodeWord(char **ow)
+ {
+ #endif
+- char buf[32];
+ char *p, *w = *ow;
+ char method;
+ Str a = Strnew();
++ Str cs = Strnew();
+
+ if (*w != '=' || *(w + 1) != '?')
+ goto convert_fail;
+ w += 2;
+- for (p = buf; p - buf < 31 && *w != '?'; w++) {
++ for (; *w != '?'; w++) {
+ if (*w == '\0')
+ goto convert_fail;
+- *(p++) = *w;
++ Strcat_char(cs, *w);
+ }
+- *p = '\0';
+ #ifdef USE_M17N
+- c = wc_guess_charset(buf, 0);
++ c = wc_guess_charset(cs->ptr, 0);
+ if (! c)
+ goto convert_fail;
+ #else
+- if (strcasecmp(buf, "ISO-8859-1") != 0 &&
+- strcasecmp(buf, "US_ASCII") != 0)
++ if (Strcasecmp_charp(cs, "ISO-8859-1") != 0 &&
++ Strcasecmp_charp(cs, "US_ASCII") != 0)
+ /* NOT ISO-8859-1 encoding ... don't convert */
+ goto convert_fail;
+ #endif
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-16 00:35:04 +0000