blob: 869a9b2d6ade9348cbe1150cce473809abe60f3c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
|
$NetBSD: patch-ah,v 1.1 2003/03/29 21:20:30 salo Exp $
Fixes potential remote buffer overflows. See the following url for more
details: http://securityfocus.com/archive/1/315057
Patch by caf@guarana.org.
--- source/ctcp.c.orig 2002-02-28 05:22:47.000000000 +0100
+++ source/ctcp.c 2003-03-29 21:41:01.000000000 +0100
@@ -1482,6 +1482,10 @@
*putbuf2;
int len;
len = IRCD_BUFFER_SIZE - (12 + strlen(to));
+
+ if (len < strlen(ctcp_cmd[datatag].name) + 3)
+ return;
+
putbuf2 = alloca(len);
if (format)
|
