- needed on head, too

Changed files:
    proftpd-CVE-2006-5815.patch -> 1.3

diff --git a/proftpd-CVE-2006-5815.patch b/proftpd-CVE-2006-5815.patch
new file mode 100644 (file)
index 0000000..61a7760
--- /dev/null
+++ b/proftpd-CVE-2006-5815.patch
@@ -0,0 +1,47 @@
+diff -ruN proftpd-1.2.10-old/src/main.c proftpd-1.2.10/src/main.c
+--- proftpd-1.2.10-old/src/main.c      2006-11-20 14:06:17.000000000 +0100
++++ proftpd-1.2.10/src/main.c  2006-11-20 14:07:03.000000000 +0100
+@@ -118,6 +118,8 @@
+ 
+ static char sbuf[PR_TUNABLE_BUFFER_SIZE] = {'\0'};
+ 
++#define PR_DEFAULT_CMD_BUFSZ 512
++
+ static char **Argv = NULL;
+ static char *LastArgv = NULL;
+ static const char *PidPath = PID_FILE_PATH;
+@@ -810,16 +812,25 @@
+       reset_timer(TIMER_IDLE, NULL);
+ 
+     if (cmd_buf_size == -1) {
+-      long *buf_size = get_param_ptr(main_server->conf,
+-        "CommandBufferSize", FALSE);
+-
+-      if (buf_size == NULL || *buf_size <= 0)
+-        cmd_buf_size = 512;
++      int *bufsz = get_param_ptr(main_server->conf, "CommandBufferSize", FALSE);
++      if (bufsz == NULL) {
++        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
++
++      } else if (*bufsz <= 0) {
++        pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
++          "given, using default buffer size (%u) instead",
++          *bufsz, PR_DEFAULT_CMD_BUFSZ);
++        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
++
++      } else if (*bufsz + 1 > sizeof(buf)) {
++        pr_log_pri(PR_LOG_WARNING, "invalid CommandBufferSize size (%d) "
++          "given, using default buffer size (%u) instead",
++          *bufsz, PR_DEFAULT_CMD_BUFSZ);
++        cmd_buf_size = PR_DEFAULT_CMD_BUFSZ;
+ 
+-      else if (*buf_size + 1 > sizeof(buf)) {
+-      pr_log_pri(PR_LOG_WARNING, "Invalid CommandBufferSize size given. "
+-          "Resetting to 512.");
+-      cmd_buf_size = 512;
++      } else {
++        pr_log_debug(DEBUG1, "setting CommandBufferSize to %d", *bufsz);
++        cmd_buf_size = (long) *bufsz;
+       }
+     }
+