Diffstat (limited to 'net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch')
-rw-r--r-- | net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch | 108 |
1 files changed, 0 insertions, 108 deletions
diff --git a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch b/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch
deleted file mode 100644
index e1b50c825bfc..000000000000
--- a/net-ftp/netkit-ftpd/files/netkit-ftpd-0.17-CVE-2008-4247.patch
+++ /dev/null
@@ -1,108 +0,0 @@
-http://bugs.gentoo.org/239047
-
---- linux-ftpd-0.17/ftpd/extern.h
-+++ linux-ftpd-0.17/ftpd/extern.h
-@@ -43,7 +43,7 @@ void dologout __P((int));
- void fatal __P((const char *));
- int ftpd_pclose __P((FILE *));
- FILE *ftpd_popen __P((char *, const char *));
--char *ftpd_getline __P((char *, int, FILE *));
-+int ftpd_getline __P((char *, int, FILE *));
- void ftpdlogwtmp __P((const char *, const char *, const char *));
- void lreply __P((int, const char *, ...));
- void makedir __P((char *));
---- linux-ftpd-0.17/ftpd/ftpcmd.y
-+++ linux-ftpd-0.17/ftpd/ftpcmd.y
-@@ -980,7 +980,7 @@ static struct tab *lookup(struct tab *p,
- /*
- * getline - a hacked up version of fgets to ignore TELNET escape codes.
- */
--char * ftpd_getline(char *s, int n, FILE *iop)
-+int ftpd_getline(char *s, int n, FILE *iop)
- {
- int c;
- register char *cs;
-@@ -995,7 +995,7 @@ char * ftpd_getline(char *s, int n, FILE
- if (debug)
- syslog(LOG_DEBUG, "command: %s", s);
- tmpline[0] = '\0';
-- return(s);
-+ return(0);
- }
- if (c == 0)
- tmpline[0] = '\0';
-@@ -1037,11 +1037,22 @@ char * ftpd_getline(char *s, int n, FILE
- }
- }
- *cs++ = c;
-- if (--n <= 0 || c == '\n')
-+ if (--n <= 0) {
-+ /*
-+ * If command doesn't fit into buffer, discard the
-+ * rest of the command and indicate truncation.
-+ * This prevents the command to be split up into
-+ * multiple commands.
-+ */
-+ while (c != '\n' && (c = getc(iop)) != EOF)
-+ ;
-+ return (-2);
-+ }
-+ if (c == '\n')
- break;
- }
- if (c == EOF && cs == s)
-- return (NULL);
-+ return (-1);
- *cs++ = '\0';
- if (debug) {
- if (!guest && strncasecmp("pass ", s, 5) == 0) {
-@@ -1061,7 +1072,7 @@ char * ftpd_getline(char *s, int n, FILE
- syslog(LOG_DEBUG, "command: %.*s", len, s);
- }
- }
-- return (s);
-+ return (0);
- }
-
- void toolong(int signo)
-@@ -1090,9 +1101,14 @@ static int yylex(void)
- case CMD:
- (void) signal(SIGALRM, toolong);
- (void) alarm((unsigned) timeout);
-- if (ftpd_getline(cbuf, sizeof(cbuf)-1, stdin)==NULL) {
-+ n = ftpd_getline(cbuf, sizeof(cbuf)-1, stdin);
-+ if (n == -1) {
- reply(221, "You could at least say goodbye.");
- dologout(0);
-+ } else if (n == -2) {
-+ reply(500, "Command too long.");
-+ alarm(0);
-+ continue;
- }
- (void) alarm(0);
- if ((cp = strchr(cbuf, '\r'))) {
---- linux-ftpd-0.17/ftpd/ftpd.c
-+++ linux-ftpd-0.17/ftpd/ftpd.c
-@@ -2210,6 +2210,7 @@ void dologout(int status)
- static void myoob(int signo)
- {
- char *cp;
-+ int ret;
- int save_errno = errno;
-
- (void)signo;
-@@ -2218,9 +2219,13 @@ static void myoob(int signo)
- if (!transflag)
- return;
- cp = tmpline;
-- if (ftpd_getline(cp, 7, stdin) == NULL) {
-+ ret = ftpd_getline(cp, 7, stdin);
-+ if (ret == -1) {
- reply(221, "You could at least say goodbye.");
- dologout(0);
-+ } else if (ret == -2) {
-+ /* Ignore truncated command */
-+ return;
- }
- upper(cp);
- if (strcmp(cp, "ABOR\r\n") == 0) { |