SOURCES: proftpd-CVE-2006-6170.patch (NEW) - from Debian
qboosh
qboosh at pld-linux.org
Fri Dec 15 09:38:43 CET 2006
Author: qboosh Date: Fri Dec 15 08:38:43 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- from Debian
---- Files affected:
SOURCES:
proftpd-CVE-2006-6170.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/proftpd-CVE-2006-6170.patch
diff -u /dev/null SOURCES/proftpd-CVE-2006-6170.patch:1.1
--- /dev/null Fri Dec 15 09:38:43 2006
+++ SOURCES/proftpd-CVE-2006-6170.patch Fri Dec 15 09:38:38 2006
@@ -0,0 +1,38 @@
+diff -ruN proftpd-1.2.10-old/contrib/mod_tls.c proftpd-1.2.10/contrib/mod_tls.c
+--- proftpd-1.2.10-old/contrib/mod_tls.c 2004-07-01 03:06:09.000000000 +0200
++++ proftpd-1.2.10/contrib/mod_tls.c 2006-11-29 11:33:05.000000000 +0100
+@@ -2288,17 +2288,25 @@
+ long datalen = 0;
+ int ok;
+
+- if ((ok = X509_NAME_print_ex(mem, x509_name, 0, XN_FLAG_ONELINE)))
+- datalen = BIO_get_mem_data(mem, &data);
++ ok = X509_NAME_print_ex(mem, x509_name, 0, XN_FLAG_ONELINE);
++ if (ok) {
++ datalen = BIO_get_mem_data(mem, &data);
+
+- if (data) {
+- memset(&buf, '\0', sizeof(buf));
+- memcpy(buf, data, datalen);
+- buf[datalen] = '\0';
+- buf[sizeof(buf)-1] = '\0';
++ if (data) {
++ memset(&buf, '\0', sizeof(buf));
+
+- BIO_free(mem);
+- return buf;
++ if (datalen >= sizeof(buf)) {
++ datalen = sizeof(buf)-1;
++ }
++
++ memcpy(buf, data, datalen);
++
++ buf[datalen] = '\0';
++ buf[sizeof(buf)-1] = '\0';
++
++ BIO_free(mem);
++ return buf;
++ }
+ }
+
+ BIO_free(mem);
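Review bot: The new clamp `if (datalen >= sizeof(buf))` compares a signed `long` with a `size_t`, so a negative `datalen` from `BIO_get_mem_data()` is caught only through the implicit unsigned conversion. It is then clamped to `sizeof(buf)-1`, and `memcpy` reads that many bytes from `data` regardless of how much the BIO actually holds. I would make the intent explicit by changing the guard to `if (data && datalen >= 0) {` and the comparison to `if ((size_t) datalen >= sizeof(buf)) {`. Truncation is also silent: if callers compare the returned string against an expected certificate subject (not visible here), an over-long name now yields a shortened value, so a log message or a comment such as `/* subject name longer than buf is truncated */` at the clamp would help. The declarations of `buf` and `data` and the rest of the function lie outside the hunk.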
================================================================