diff options
author | Jan Rękorajski | 2006-04-21 23:40:25 (GMT) |
---|---|---|
committer | cvs2git | 2012-06-24 12:13:13 (GMT) |
commit | f722942f0e2a6fd686443fa81e5ecbf1b2039a21 (patch) | |
tree | fb6b5ad7fb9cadde0134fc87ec860f388136ab5a | |
parent | 917fc0c9338a43b34f37a1ddc39d89f012350c53 (diff) | |
download | apache-mod_ntlm-f722942f0e2a6fd686443fa81e5ecbf1b2039a21.zip apache-mod_ntlm-f722942f0e2a6fd686443fa81e5ecbf1b2039a21.tar.gz |
- orphaned, outdated
Changed files:
apache-mod_ntlm-security.patch -> 1.2
-rw-r--r-- | apache-mod_ntlm-security.patch | 31 |
1 files changed, 0 insertions, 31 deletions
diff --git a/apache-mod_ntlm-security.patch b/apache-mod_ntlm-security.patch deleted file mode 100644 index 18f81cd..0000000 --- a/apache-mod_ntlm-security.patch +++ /dev/null @@ -1,31 +0,0 @@ -Fixes vulnerabilities in log() and flog() functions: -heap overflows (BugTraqID 7388) -format strings (BugTraqID 7393) -insecure file access in /tmp -diff -Nur mod_ntlm-0.4.orig/mod_ntlm.c mod_ntlm-0.4/mod_ntlm.c ---- mod_ntlm-0.4.orig/mod_ntlm.c 2003-02-21 02:55:13.000000000 +0100 -+++ mod_ntlm-0.4/mod_ntlm.c 2003-10-25 23:03:34.470322328 +0200 -@@ -48,9 +48,9 @@ - if ((s = (char *) malloc(2048)) == NULL) - return; - va_start(ap, format); -- vsprintf(s, format, ap); -+ vsnprintf(s, 2048, format, ap); - va_end(ap); -- ap_log_rerror(APLOG_MARK, APLOG_NOERRNO | APLOG_NOTICE, r, s); -+ ap_log_rerror(APLOG_MARK, APLOG_NOERRNO | APLOG_NOTICE, r, "%s", s); - free(s); - } - static void -@@ -63,9 +63,9 @@ - if ((s = (char *) malloc(2048)) == NULL) - return; - va_start(ap, format); -- vsprintf(s, format, ap); -+ vsnprintf(s, 2048, format, ap); - va_end(ap); -- if ((f = fopen("/tmp/mod_ntlm.log", "a")) != NULL) { -+ if ((f = fopen("/var/log/mod_ntlm.log", "a")) != NULL) { - fputs(s, f); - fputs("\n", f); - fclose(f); |