Author: qboosh Date: Fri Dec 15 08:38:43 2006 GMT Module: SOURCES Tag: HEAD ---- Log message: - from Debian
---- Files affected: SOURCES: proftpd-CVE-2006-6170.patch (NONE -> 1.1) (NEW) ---- Diffs: ================================================================
Index: SOURCES/proftpd-CVE-2006-6170.patch
diff -u /dev/null SOURCES/proftpd-CVE-2006-6170.patch:1.1
--- /dev/null Fri Dec 15 09:38:43 2006
+++ SOURCES/proftpd-CVE-2006-6170.patch Fri Dec 15 09:38:38 2006
@@ -0,0 +1,38 @@
+diff -ruN proftpd-1.2.10-old/contrib/mod_tls.c proftpd-1.2.10/contrib/mod_tls.c
+--- proftpd-1.2.10-old/contrib/mod_tls.c 2004-07-01 03:06:09.000000000 +0200
++++ proftpd-1.2.10/contrib/mod_tls.c 2006-11-29 11:33:05.000000000 +0100
+@@ -2288,17 +2288,25 @@
+ long datalen = 0;
+ int ok;
+
+- if ((ok = X509_NAME_print_ex(mem, x509_name, 0, XN_FLAG_ONELINE)))
+- datalen = BIO_get_mem_data(mem, &data);
++ ok = X509_NAME_print_ex(mem, x509_name, 0, XN_FLAG_ONELINE);
++ if (ok) {
++ datalen = BIO_get_mem_data(mem, &data);
+
+- if (data) {
+- memset(&buf, '\0', sizeof(buf));
+- memcpy(buf, data, datalen);
+- buf[datalen] = '\0';
+- buf[sizeof(buf)-1] = '\0';
++ if (data) {
++ memset(&buf, '\0', sizeof(buf));
+
+- BIO_free(mem);
+- return buf;
++ if (datalen >= sizeof(buf)) {
++ datalen = sizeof(buf)-1;
++ }
++
++ memcpy(buf, data, datalen);
++
++ buf[datalen] = '\0';
++ buf[sizeof(buf)-1] = '\0';
++
++ BIO_free(mem);
++ return buf;
++ }
+ }
+
+ BIO_free(mem);
================================================================ _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
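Review bot: The new bound check `if (datalen >= sizeof(buf))` compares a signed `long` with a `size_t`, so the upper clamp is the only thing standing between a negative `datalen` and `memcpy`. If `BIO_get_mem_data()` ever returned a negative value, the implicit unsigned conversion would clamp it to `sizeof(buf)-1` and that many bytes would be read from `data` regardless of how much the BIO actually holds. Making the lower bound explicit, `if (data && datalen >= 0) {` with `if ((size_t) datalen >= sizeof(buf)) {`, removes the reliance on the conversion. The clamp also truncates the certificate name silently, so a short comment stating that the returned string may be a truncated prefix would help anyone who later compares or logs it. The enclosing function and the declaration of `buf` lie outside the hunk.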