- fix remore exploitable bug in libgtop_daemon (patch from Conectiva).

author kloczek <kloczek@pld-linux.org>

Mon, 20 May 2002 17:32:46 +0000 (17:32 +0000)

committer cvs2git <feedback@pld-linux.org>

Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
author kloczek <kloczek@pld-linux.org>
Mon, 20 May 2002 17:32:46 +0000 (17:32 +0000)
committer cvs2git <feedback@pld-linux.org>
Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)
diff --git a/libgtop-ovflw.patch b/libgtop-ovflw.patch

new file mode 100644 (file)

index 0000000..e6433d5
--- /dev/null
+++ b/libgtop-ovflw.patch
@@ -0,0 +1,15 @@
+diff -ur libgtop-1.0.13.orig/src/daemon/gnuserv.c libgtop-1.0.13/src/daemon/gnuserv.c
+--- libgtop-1.0.13.orig/src/daemon/gnuserv.c   Mon Nov 26 20:37:59 2001
++++ libgtop-1.0.13/src/daemon/gnuserv.c        Wed Dec 19 15:03:50 2001
+@@ -200,6 +200,11 @@
+ 
+       auth_data_len = atoi (buf);
+ 
++      if (auth_data_len < 1 || auth_data_len > sizeof(buf)) {
++              syslog_message(LOG_WARNING, "Invalid data length supplied by client");
++              return FALSE;
++      }
++
+       if (timed_read (fd, buf, auth_data_len, AUTH_TIMEOUT, 0) != auth_data_len)
+           return FALSE;
+
author	kloczek <kloczek@pld-linux.org>
	Mon, 20 May 2002 17:32:46 +0000 (17:32 +0000)
committer	cvs2git <feedback@pld-linux.org>
	Sun, 24 Jun 2012 12:13:13 +0000 (12:13 +0000)