[packages/proftpd.git] / proftpd-CVE-2006-5815.patch

diff -ruN proftpd-1.2.10-old/src/main.c proftpd-1.2.10/src/main.c
--- proftpd-1.2.10-old/src/main.c	2006-11-20 14:06:17.000000000 +0100
+++ proftpd-1.2.10/src/main.c	2006-11-20 14:07:03.000000000 +0100
@@ -118,6 +118,8 @@
 
 static char sbuf[PR_TUNABLE_BUFFER_SIZE] = {'\0'};
 
+#define PR_DEFAULT_CMD_BUFSZ 512
+
 static char **Argv = NULL;
 static char *LastArgv = NULL;
 static const char *PidPath = PID_FILE_PATH;
@@ -810,16 +812,25 @@
       reset_timer(TIMER_IDLE, NULL);
 
     if (cmd_buf_size == -1) {
-      long *buf_size = get_param_ptr(main_server->conf,
-        "CommandBufferSize", FALSE);
-
-      if (buf_size == NULL || *buf_size <= 0)
-        cmd_buf_size = 512;
+      int *bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
+      if (bufsz == NULL) {
+        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
+
+      } else if (*bufsz <= 0) {
+        pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
+          "given, using default buffer size (%u) instead",
+          *bufsz, PR_DEFAULT_CMD_BUFSZ);
+        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
+
+      } else if (*bufsz + 1 > sizeof(buf)) {
+        pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
+          "given, using default buffer size (%u) instead",
+          *bufsz, PR_DEFAULT_CMD_BUFSZ);
+        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
 
-      else if (*buf_size + 1 > sizeof(buf)) {
-	pr_log_pri(PR_LOG_WARNING, "Invalid CommandBufferSize size given. "
-          "Resetting to 512.");
-	cmd_buf_size = 512;
+      } else {
+        pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
+        cmd_buf_size = (long) *bufsz;
       }
     }
Commit	Line	Data
7e83a343 JB	1	diff -ruN proftpd-1.2.10-old/src/main.c proftpd-1.2.10/src/main.c
	2	--- proftpd-1.2.10-old/src/main.c 2006-11-20 14:06:17.000000000 +0100
	3	+++ proftpd-1.2.10/src/main.c 2006-11-20 14:07:03.000000000 +0100
	4	@@ -118,6 +118,8 @@
	5
	6	static char sbuf[PR_TUNABLE_BUFFER_SIZE] = {'\0'};
	7
	8	+#define PR_DEFAULT_CMD_BUFSZ 512
	9	+
	10	static char **Argv = NULL;
	11	static char *LastArgv = NULL;
	12	static const char *PidPath = PID_FILE_PATH;
	13	@@ -810,16 +812,25 @@
	14	reset_timer(TIMER_IDLE, NULL);
	15
	16	if (cmd_buf_size == -1) {
	17	- long *buf_size = get_param_ptr(main_server->conf,
	18	- "CommandBufferSize", FALSE);
	19	-
	20	- if (buf_size == NULL \|\| *buf_size <= 0)
	21	- cmd_buf_size = 512;
	22	+ int *bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
	23	+ if (bufsz == NULL) {
	24	+ cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
	25	+
	26	+ } else if (*bufsz <= 0) {
	27	+ pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
	28	+ "given, using default buffer size (%u) instead",
	29	+ *bufsz, PR_DEFAULT_CMD_BUFSZ);
	30	+ cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
	31	+
	32	+ } else if (*bufsz + 1 > sizeof(buf)) {
	33	+ pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
	34	+ "given, using default buffer size (%u) instead",
	35	+ *bufsz, PR_DEFAULT_CMD_BUFSZ);
	36	+ cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
	37
	38	- else if (*buf_size + 1 > sizeof(buf)) {
	39	- pr_log_pri(PR_LOG_WARNING, "Invalid CommandBufferSize size given. "
	40	- "Resetting to 512.");
	41	- cmd_buf_size = 512;
	42	+ } else {
	43	+ pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
	44	+ cmd_buf_size = (long) *bufsz;
	45	}
	46	}
	47