[src/netbsd-1-4]: src/libexec/ftpd Pull up revision 1.39 (requested by christ...

[he <he%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/49ee3659dc62
branches:  netbsd-1-4
changeset: 471278:49ee3659dc62
user:      he <he%NetBSD.org@localhost>
date:      Sun Apr 01 16:08:06 2001 +0000

description:
Pull up revision 1.39 (requested by christos):
  Fixes buffer overflow problems in glob(3).  Adds and uses GLOB_LIMIT
  to prevent denial of service attacks.

diffstat:

 libexec/ftpd/conf.c |  8 +++++---
 1 files changed, 5 insertions(+), 3 deletions(-)

diffs (29 lines):

diff -r 2282bd0dcd0c -r 49ee3659dc62 libexec/ftpd/conf.c
--- a/libexec/ftpd/conf.c       Sun Apr 01 16:07:40 2001 +0000
+++ b/libexec/ftpd/conf.c       Sun Apr 01 16:08:06 2001 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: conf.c,v 1.18 1999/02/24 16:45:13 explorer Exp $       */
+/*     $NetBSD: conf.c,v 1.18.2.1 2001/04/01 16:08:06 he Exp $ */
 
 /*-
  * Copyright (c) 1997 The NetBSD Foundation, Inc.
@@ -38,7 +38,7 @@
 
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: conf.c,v 1.18 1999/02/24 16:45:13 explorer Exp $");
+__RCSID("$NetBSD: conf.c,v 1.18.2.1 2001/04/01 16:08:06 he Exp $");
 #endif /* not lint */
 
 #include <sys/types.h>
@@ -364,7 +364,9 @@
        if (curclass.notify == NULL || curclass.notify[0] == '\0')
                return;
 
-       if (glob(curclass.notify, 0, NULL, &gl) != 0 || gl.gl_matchc == 0)
+       gl.gl_offs = 0;
+       if (glob(curclass.notify, GLOB_LIMIT, NULL, &gl) != 0
+           || gl.gl_matchc == 0)
                return;
        time(&now);
        for (rlist = gl.gl_pathv; *rlist != NULL; rlist++) {