mirror of
https://git.freebsd.org/ports.git
synced 2025-07-18 17:59:20 -04:00
Fix buffer overflow that allows privilege escalation for local users.
Approved by: will (using his portmgr hat) Obtained from: Timo Sirainen <tss@iki.fi> on BUGTRAQ
This commit is contained in:
Cy Schubert
parent
abec811fec
commit
15d50ff35c
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=94846
6 changed files with 64 additions and 2 deletions
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
PORTNAME= screen
|
||||
PORTVERSION= 4.0.1
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 2
|
||||
CATEGORIES= misc
|
||||
MASTER_SITES= ftp://ftp.uni-erlangen.de/pub/utilities/screen/ \
|
||||
${MASTER_SITE_GNU}
|
||||
|
|
|
|||
11
misc/screen/files/patch-ansi.c
Normal file
11
misc/screen/files/patch-ansi.c
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
--- ansi.c.orig Mon Sep 8 07:24:44 2003
|
||||
+++ ansi.c Mon Dec 1 17:17:17 2003
|
||||
@@ -559,7 +559,7 @@
|
||||
{
|
||||
case '0': case '1': case '2': case '3': case '4':
|
||||
case '5': case '6': case '7': case '8': case '9':
|
||||
- if (curr->w_NumArgs < MAXARGS)
|
||||
+ if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
|
||||
{
|
||||
if (curr->w_args[curr->w_NumArgs] < 100000000)
|
||||
curr->w_args[curr->w_NumArgs] =
|
||||
20
misc/screen/files/patch-resize.c
Normal file
20
misc/screen/files/patch-resize.c
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
--- resize.c.orig Mon Sep 8 07:26:31 2003
|
||||
+++ resize.c Mon Dec 1 17:16:29 2003
|
||||
@@ -682,6 +682,17 @@
|
||||
if (wi == 0)
|
||||
he = hi = 0;
|
||||
|
||||
+ if (wi > 1000)
|
||||
+ {
|
||||
+ Msg(0, "Window width too large, truncated");
|
||||
+ wi = 1000;
|
||||
+ }
|
||||
+ if (he > 1000)
|
||||
+ {
|
||||
+ Msg(0, "Window height too large, truncated");
|
||||
+ he = 1000;
|
||||
+ }
|
||||
+
|
||||
if (p->w_width == wi && p->w_height == he && p->w_histheight == hi)
|
||||
{
|
||||
debug("ChangeWindowSize: No change.\n");
|
||||
|
|
@ -7,7 +7,7 @@
|
|||
|
||||
PORTNAME= screen
|
||||
PORTVERSION= 4.0.1
|
||||
PORTREVISION= 1
|
||||
PORTREVISION= 2
|
||||
CATEGORIES= misc
|
||||
MASTER_SITES= ftp://ftp.uni-erlangen.de/pub/utilities/screen/ \
|
||||
${MASTER_SITE_GNU}
|
||||
|
|
|
|||
11
sysutils/screen/files/patch-ansi.c
Normal file
11
sysutils/screen/files/patch-ansi.c
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
--- ansi.c.orig Mon Sep 8 07:24:44 2003
|
||||
+++ ansi.c Mon Dec 1 17:17:17 2003
|
||||
@@ -559,7 +559,7 @@
|
||||
{
|
||||
case '0': case '1': case '2': case '3': case '4':
|
||||
case '5': case '6': case '7': case '8': case '9':
|
||||
- if (curr->w_NumArgs < MAXARGS)
|
||||
+ if (curr->w_NumArgs >= 0 && curr->w_NumArgs < MAXARGS)
|
||||
{
|
||||
if (curr->w_args[curr->w_NumArgs] < 100000000)
|
||||
curr->w_args[curr->w_NumArgs] =
|
||||
20
sysutils/screen/files/patch-resize.c
Normal file
20
sysutils/screen/files/patch-resize.c
Normal file
|
|
@ -0,0 +1,20 @@
|
|||
--- resize.c.orig Mon Sep 8 07:26:31 2003
|
||||
+++ resize.c Mon Dec 1 17:16:29 2003
|
||||
@@ -682,6 +682,17 @@
|
||||
if (wi == 0)
|
||||
he = hi = 0;
|
||||
|
||||
+ if (wi > 1000)
|
||||
+ {
|
||||
+ Msg(0, "Window width too large, truncated");
|
||||
+ wi = 1000;
|
||||
+ }
|
||||
+ if (he > 1000)
|
||||
+ {
|
||||
+ Msg(0, "Window height too large, truncated");
|
||||
+ he = 1000;
|
||||
+ }
|
||||
+
|
||||
if (p->w_width == wi && p->w_height == he && p->w_histheight == hi)
|
||||
{
|
||||
debug("ChangeWindowSize: No change.\n");
|
||||
Loading…
Add table
Reference in a new issue