author | Will Andrews <will@FreeBSD.org> | 2004-01-15 05:24:57 +0000 |
---|---|---|
committer | Will Andrews <will@FreeBSD.org> | 2004-01-15 05:24:57 +0000 |
commit | ed7d0c6125e6500dfb7495fdcf885124627983ec (patch) | |
tree | 90de29ff1dc3f298eaca5737ab749683e33de414 /deskutils/kdepim44 | |
parent | 0c8cf8b502b66aed948acae557f4deb3be00226f (diff) |
Fix a buffer overflow in the file information reader of VCF files.
See http://www.kde.org/info/security/advisory-20040114-1.txt and
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0988 for more info.
Bump PORTREVISION as this is a strongly recommended patch. This approach
is simpler than upgrading all KDE ports to 3.1.5, since we're going to
upgrade them to 3.2 in under a month anyway.
Submitted by: Andy Fawcett <andy@athame.co.uk>
Notes:
svn path=/head/; revision=98180
Diffstat (limited to 'deskutils/kdepim44')
-rw-r--r-- | deskutils/kdepim44/Makefile | 1 | ||||
-rw-r--r-- | deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp | 24 |
2 files changed, 25 insertions, 0 deletions
diff --git a/deskutils/kdepim44/Makefile b/deskutils/kdepim44/Makefile index cbcddd3366e7..3048aa3553ba 100644 --- a/deskutils/kdepim44/Makefile +++ b/deskutils/kdepim44/Makefile @@ -7,6 +7,7 @@ PORTNAME= kdepim PORTVERSION= ${KDE_VERSION} +PORTREVISION= 1 CATEGORIES= deskutils kde MASTER_SITES= ${MASTER_SITE_KDE} MASTER_SITE_SUBDIR= stable/${PORTVERSION}/src diff --git a/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp b/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp new file mode 100644 index 000000000000..e3860317514b --- /dev/null +++ b/deskutils/kdepim44/files/patch-vcf-kfile_vcf.cpp @@ -0,0 +1,24 @@ +--- kfile-plugins/vcf/kfile_vcf.cpp 2003-07-16 21:12:41.000000000 +0200 ++++ kfile-plugins/vcf/kfile_vcf.cpp 2003-12-16 15:38:20.000000000 +0100 +@@ -90,17 +90,17 @@ + while (!done) { + + // read a line +- file.readLine(linebuf, 4096); ++ file.readLine(linebuf, sizeof(linebuf)); + + // have we got something useful? + if (memcmp(linebuf, id_name, 3) == 0) { + // we have a name + myptr = linebuf + 3; +- strncpy(buf_name, myptr, 999); ++ strlcpy(buf_name, myptr, sizeof( buf_name )); + } else if (memcmp(linebuf, id_email, 15) == 0) { + // we have a name + myptr = linebuf + 15; +- strncpy(buf_email, myptr, 999); ++ strlcpy(buf_email, myptr, sizeof( buf_email )); + } + + // are we done yet? + |
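Review bot: In the kfile_vcf.cpp hunk, the new bounds sizeof(linebuf), sizeof( buf_name ) and sizeof( buf_email ) are only correct if all three are arrays declared in this scope, and none of the declarations fall inside the hunk's context. Please confirm against the full file, since sizeof applied to a pointer yields the pointer size, not the buffer length, and would turn these copies into very short truncations. The return value of file.readLine(linebuf, sizeof(linebuf)) is also still ignored, so on a failed read the following memcmp calls may run against whatever linebuf held before; checking the result and leaving the loop on error would close that gap. Minor: the comment in the id_email branch still says "// we have a name" and should refer to the email address.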