authorWill Andrews <will@FreeBSD.org>2004-01-15 05:24:57 +0000
committerWill Andrews <will@FreeBSD.org>2004-01-15 05:24:57 +0000
commited7d0c6125e6500dfb7495fdcf885124627983ec (patch)
tree90de29ff1dc3f298eaca5737ab749683e33de414 /deskutils/kdepim44
parent0c8cf8b502b66aed948acae557f4deb3be00226f (diff)
Fix a buffer overflow in the file information reader of VCF files.
See http://www.kde.org/info/security/advisory-20040114-1.txt and http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0988 for more info. Bump PORTREVISION as this is a strongly recommended patch. This approach is simpler than upgrading all KDE ports to 3.1.5, since we're going to upgrade them to 3.2 in under a month anyway. Submitted by: Andy Fawcett <andy@athame.co.uk>
Notes
Notes: svn path=/head/; revision=98180
Diffstat (limited to 'deskutils/kdepim44')
-rw-r--r--deskutils/kdepim44/Makefile1
-rw-r--r--deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp24
2 files changed, 25 insertions, 0 deletions
diff --git a/deskutils/kdepim44/Makefile b/deskutils/kdepim44/Makefile
index cbcddd3366e7..3048aa3553ba 100644
--- a/deskutils/kdepim44/Makefile
+++ b/deskutils/kdepim44/Makefile
@@ -7,6 +7,7 @@
PORTNAME= kdepim
PORTVERSION= ${KDE_VERSION}
+PORTREVISION= 1
CATEGORIES= deskutils kde
MASTER_SITES= ${MASTER_SITE_KDE}
MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src
diff --git a/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp b/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp
new file mode 100644
index 000000000000..e3860317514b
--- /dev/null
+++ b/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp
@@ -0,0 +1,24 @@
+--- kfile-plugins/vcf/kfile_vcf.cpp 2003-07-16 21:12:41.000000000 +0200
++++ kfile-plugins/vcf/kfile_vcf.cpp 2003-12-16 15:38:20.000000000 +0100
+@@ -90,17 +90,17 @@
+ while (!done) {
+
+ // read a line
+- file.readLine(linebuf, 4096);
++ file.readLine(linebuf, sizeof(linebuf));
+
+ // have we got something useful?
+ if (memcmp(linebuf, id_name, 3) == 0) {
+ // we have a name
+ myptr = linebuf + 3;
+- strncpy(buf_name, myptr, 999);
++ strlcpy(buf_name, myptr, sizeof( buf_name ));
+ } else if (memcmp(linebuf, id_email, 15) == 0) {
+ // we have a name
+ myptr = linebuf + 15;
+- strncpy(buf_email, myptr, 999);
++ strlcpy(buf_email, myptr, sizeof( buf_email ));
+ }
+
+ // are we done yet?
+
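Review bot: The return value of `file.readLine(linebuf, sizeof(linebuf))` is still discarded, so when the read fails or yields a line shorter than the 3- or 15-byte prefix, the `memcmp` calls that follow compare whatever bytes were already in `linebuf` (stale data from an earlier line, or possibly uninitialised memory on the first pass). Capturing the length, e.g. `Q_LONG len = file.readLine(linebuf, sizeof(linebuf));` followed by `if (len < 0) break;`, and comparing only when `len` covers the prefix would close that gap. The new `sizeof` bounds are correct only if `linebuf`, `buf_name` and `buf_email` are real arrays in this scope rather than pointers; their declarations and the loop's exit test lie outside the hunk, so this should be confirmed, and a comment such as `// sizeof is valid: these are local char arrays` would record the assumption. `strlcpy` also truncates silently, so if a clipped name or e-mail matters to the caller, its return value can be compared against the destination size.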