SOURCES: proftpd-CAN-2005-2390.patch (NEW) - fixes format string vulnerabilities

adamg adamg at pld-linux.org
Thu Aug 4 16:01:30 CEST 2005


Author: adamg                        Date: Thu Aug  4 14:01:30 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- fixes format string vulnerabilities

---- Files affected:
SOURCES:
   proftpd-CAN-2005-2390.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/proftpd-CAN-2005-2390.patch
diff -u /dev/null SOURCES/proftpd-CAN-2005-2390.patch:1.1
--- /dev/null	Thu Aug  4 16:01:30 2005
+++ SOURCES/proftpd-CAN-2005-2390.patch	Thu Aug  4 16:01:25 2005
@@ -0,0 +1,59 @@
+diff -burN proftpd-1.2.10.orig/contrib/mod_sql.c proftpd-1.2.10/contrib/mod_sql.c
+--- proftpd-1.2.10.orig/contrib/mod_sql.c	2005-08-04 15:57:39.050981712 +0200
++++ proftpd-1.2.10/contrib/mod_sql.c	2005-08-04 15:57:49.922329016 +0200
+@@ -2036,7 +2036,7 @@
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2110,7 +2110,7 @@
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2201,7 +2201,7 @@
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add_err( c->argv[0], outs);
++      pr_response_add_err(c->argv[0], "%s", outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+@@ -2275,7 +2275,7 @@
+       *outsp++ = 0;
+ 
+       /* add the response */
+-      pr_response_add( c->argv[0], outs);
++      pr_response_add(c->argv[0], "%s",  outs);
+ 
+     } while((c = find_config_next(c, c->next, CONF_PARAM, name, FALSE)) != NULL);
+ 
+diff -burN proftpd-1.2.10.orig/src/response.c proftpd-1.2.10/src/response.c
+--- proftpd-1.2.10.orig/src/response.c	2005-08-04 15:57:39.125970312 +0200
++++ proftpd-1.2.10/src/response.c	2005-08-04 15:57:46.478852504 +0200
+@@ -1,6 +1,6 @@
+ /*
+  * ProFTPD - FTP server daemon
+- * Copyright (c) 2001, 2002, 2003 The ProFTPD Project team
++ * Copyright (c) 2001-2005 The ProFTPD Project team
+  *  
+  * This program is free software; you can redistribute it and/or modify
+  * it under the terms of the GNU General Public License as published by
+@@ -169,7 +169,7 @@
+   buf[sizeof(buf) - 1] = '\0';
+   sstrcat(buf, "\r\n", sizeof(buf));
+ 
+-  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, buf, strlen(buf))
++  RESPONSE_WRITE_STR_ASYNC(session.c->outstrm, "%s", buf)
+ }
+ 
+ void pr_response_send(const char *resp_numeric, const char *fmt, ...) {
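Review bot: The patch closes four `pr_response_add`/`pr_response_add_err` call sites in mod_sql.c where `outs` (a buffer built from SQL-supplied text) was passed as the format string, but nothing lets the compiler catch the next such call; the prototypes of `pr_response_add` and `pr_response_add_err`, declared in a header outside this patch, should gain `__attribute__((format(printf, 2, 3)))` so that `-Wformat` / `-Wformat-security` flags any remaining non-literal format argument. The definition of `RESPONSE_WRITE_STR_ASYNC` is not in the response.c hunk: the old call passed `buf` as the second argument with `strlen(buf)` as the third, and the new `"%s", buf` form is correct only if the macro forwards its tail to a printf-style writer, so confirm that against the macro body before relying on this hunk as the fix for the response path. Minor style point: `pr_response_add(c->argv[0], "%s",  outs);` in the fourth mod_sql.c hunk has a stray double space that the other three sibling call sites do not. The enclosing functions in mod_sql.c begin and end outside these hunks, and `pr_response_send` at the end of the response.c hunk is cut off.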
================================================================


