Add a patch that fixes a locally-exploitable buffer overflow reported

on BugTraq:
  http://online.securityfocus.com/archive/1/311172/2003-02-08/2003-02-14/0

Bump PORTREVISION accordingly.

Obtained from:	games/nethack34 (roam)

2 files changed, 21 insertions, 1 deletions

diff --git a/japanese/nethack34/Makefile b/japanese/nethack34/Makefile
index fef3891ae3b6..13212b6026db 100644
--- a/japanese/nethack34/Makefile
+++ b/japanese/nethack34/Makefile
@@ -5,7 +5,7 @@
 # $FreeBSD$
 #
 
-PORTREVISION=	3
+PORTREVISION=	4
 
 CATEGORIES=	japanese games
 
diff --git a/japanese/nethack34/files/patch-ah b/japanese/nethack34/files/patch-ah
new file mode 100644
index 000000000000..a21918f7a656
--- /dev/null
+++ b/japanese/nethack34/files/patch-ah
@@ -0,0 +1,20 @@
+--- src/topten.c	Thu Mar 21 01:43:19 2002
++++ src/topten.c	Tue Feb 11 15:36:23 2003
+@@ -855,8 +855,15 @@
+ 	    if (playerct < 1) Strcat(pbuf, "you.");
+ 	    else {
+ 		if (playerct > 1) Strcat(pbuf, "any of ");
+-		for (i = 0; i < playerct; i++) {
+-		    Strcat(pbuf, players[i]);
++		for (i = 0; i < playerct && strlen(pbuf) < sizeof(pbuf) - 2;
++		    i++) {
++		    size_t len = strlen(pbuf), rest;
++		    if (strlen(players[i]) > sizeof(pbuf) - len - 2) {
++			rest = sizeof(pbuf) - strlen(pbuf) - 2;
++			memcpy(pbuf + len, players[i], rest);
++			pbuf[len + rest] = '\0';
++		    } else
++			Strcat(pbuf, players[i]);
+ 		    if (i < playerct-1) {
+ 			if (players[i][0] == '-' &&
+ 			    index("pr", players[i][1]) && players[i][2] == 0)