Source-Changes-HG archive


[src/trunk]: src/external/gpl2/xcvs/dist/src add patch from Redhat bug#78414...



details:   https://anonhg.NetBSD.org/src/rev/352a99cc3135
branches:  trunk
changeset: 773608:352a99cc3135
user:      drochner <drochner%NetBSD.org@localhost>
date:      Thu Feb 09 16:28:53 2012 +0000

description:
add patch from Redhat bug#784141 which fixes a possible
buffer overflow if used with an HTTP proxy (CVE-2012-0804)
approved by releng

diffstat:

 external/gpl2/xcvs/dist/src/client.c |  6 +++---
 1 files changed, 3 insertions(+), 3 deletions(-)

diffs (16 lines):

diff -r 434bb82007fd -r 352a99cc3135 external/gpl2/xcvs/dist/src/client.c
--- a/external/gpl2/xcvs/dist/src/client.c      Thu Feb 09 15:15:58 2012 +0000
+++ b/external/gpl2/xcvs/dist/src/client.c      Thu Feb 09 16:28:53 2012 +0000
@@ -3550,9 +3550,9 @@
          * code.
          */
        read_line_via (from_server, to_server, &read_buf);
-       sscanf (read_buf, "%s %d", write_buf, &codenum);
-
-       if ((codenum / 100) != 2)
+       count = sscanf (read_buf, "%*s %d", &codenum);
+
+       if (count != 1 || (codenum / 100) != 2)
            error (1, 0, "proxy server %s:%d does not support http tunnelling",
                   root->proxy_hostname, proxy_port_number);
        free (read_buf);
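
Review bot: `count` is assigned in the added `sscanf` line, but none of the three added lines declares it, so the change relies on a variable already in scope in the enclosing function. Please confirm it has a type that holds the `int` return of `sscanf` (including `EOF` on an empty line) and that nothing after this point depends on its earlier value. Also, `%*s` skips the first token without inspecting it, so any reply whose second field parses as a 2xx number passes the check; a short comment stating that the leading token of the proxy's status line is ignored on purpose would make that intent clear. Since `write_buf` is no longer a destination here, the unbounded `%s` copy is gone, which is the right fix for the overflow.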


