diff options
| author |   Santiago M. Mola <coldwind@gentoo.org> | 2008-06-29 22:52:02 +0000 |
|---|---|---|
| committer | Santiago M. Mola <coldwind@gentoo.org> | 2008-06-29 22:52:02 +0000 |
| commit | 7671efc282994ebca7125942ad0188f5a15e04f0 (patch) | |
| tree | d18ce0ebfdec9a4bf6bf3787e798fbea8316a5f9 /net-p2p/linuxdcpp/files | |
| parent | add patches from bugs #229719, #229723, #216391 (diff) | |
| download | historical-7671efc282994ebca7125942ad0188f5a15e04f0.tar.gz historical-7671efc282994ebca7125942ad0188f5a15e04f0.tar.bz2 historical-7671efc282994ebca7125942ad0188f5a15e04f0.zip | |
Security fix, second round.
Package-Manager: portage-2.2_rc1/cvs/Linux 2.6.25-gentoo-r3 x86_64
Diffstat (limited to 'net-p2p/linuxdcpp/files')
| -rw-r--r-- | net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch b/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch index 91f164a37d18..ab2346678a38 100644 --- a/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch +++ b/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch @@ -13,3 +13,21 @@ Security bug, fixed upstream. for(ShareManager::Directory::MapIter it2 = it->second->directories.begin(); it2 != it->second->directories.end(); ++it2) { it2->second->toXml(sos, indent, tmp, recurse); } +--- client/NmdcHub.cpp 4 Aug 2007 21:17:21 -0000 1.14 ++++ client/NmdcHub.cpp 29 Jun 2008 15:42:27 -0000 1.15 +@@ -693,10 +693,14 @@ + if(fromNick.empty()) + return; + ++ if(param.size() < j + 2) { ++ return; ++ } ++ string msg = param.substr(j + 2); ++ + OnlineUser* replyTo = findUser(rtNick); + OnlineUser* from = findUser(fromNick); + +- string msg = param.substr(j + 2); + if(replyTo == NULL || from == NULL) { + if(replyTo == 0) { + // Assume it's from the hub |