3 files changed, 48 insertions, 1 deletions

diff --git a/www/apache13-modssl/Makefile b/www/apache13-modssl/Makefile
index a3dadbe4a670..f1e6fae883bb 100644
--- a/www/apache13-modssl/Makefile
+++ b/www/apache13-modssl/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	apache+mod_ssl
 PORTVERSION=	${VERSION_APACHE}+${VERSION_MODSSL}
-PORTREVISION?=	1
+PORTREVISION?=	2
 CATEGORIES?=	www security
 MASTER_SITES=	${MASTER_SITE_APACHE_HTTPD} \
 		${MASTER_SITES_MODSSL:S/$/:mod_ssl/} \
@@ -280,6 +280,8 @@ CONFIGURE_ARGS+=	--enable-rule=INET6
 PLIST_SUB+=	WITHIPV6=""
 PLIST_FILES+=	include/apache/sa_len.h \
 		include/apache/sockaddr_storage.h
+.else
+EXTRA_PATCHES+=	${FILESDIR}/logresolve.c.patch
 .endif
 
 .if defined(WITH_APACHE_LATESTLOG)
diff --git a/www/apache13-modssl/files/CVE-2010-0010.patch b/www/apache13-modssl/files/CVE-2010-0010.patch
new file mode 100644
index 000000000000..c9ea4382bcb2
--- /dev/null
+++ b/www/apache13-modssl/files/CVE-2010-0010.patch
@@ -0,0 +1,33 @@
+diff -urN apache_1.3.41/src/main/buff.c src/main/buff.c
+--- apache_1.3.41/src/main/buff.c	2006-07-12 10:16:05.000000000 +0200
++++ src/main/buff.c	2010-01-07 11:28:00.000000000 +0100
+@@ -737,7 +737,7 @@
+ {
+     int i, nrd;
+ 
+-    if (fb->flags & B_RDERR)
++    if (fb->flags & B_RDERR || nbyte < 0)
+ 	return -1;
+     if (nbyte == 0)
+ 	return 0;
+@@ -1258,7 +1258,7 @@
+     static int csize = 0;
+ #endif /*CHARSET_EBCDIC*/
+ 
+-    if (fb->flags & (B_WRERR | B_EOUT))
++    if (fb->flags & (B_WRERR | B_EOUT) || nbyte < 0)
+ 	return -1;
+     if (nbyte == 0)
+ 	return 0;
+diff -urN apache_1.3.41/src/modules/proxy/proxy_util.c src/modules/proxy/proxy_util.c
+--- apache_1.3.41/src/modules/proxy/proxy_util.c	2007-10-30 20:17:03.000000000 +0100
++++ src/modules/proxy/proxy_util.c	2010-01-07 11:28:00.000000000 +0100
+@@ -507,7 +507,7 @@
+ 
+             /* read the chunk */
+             if (remaining > 0) {
+-                n = ap_bread(f, buf, MIN((int)buf_size, (int)remaining));
++                n = ap_bread(f, buf, (int) MIN(buf_size, remaining));
+                 if (n > -1) {
+                     remaining -= n;
+                     end_of_chunk = (remaining == 0);
diff --git a/www/apache13-modssl/files/logresolve.c.patch b/www/apache13-modssl/files/logresolve.c.patch
new file mode 100644
index 000000000000..04aaf2e5526e
--- /dev/null
+++ b/www/apache13-modssl/files/logresolve.c.patch
@@ -0,0 +1,12 @@
+diff -urN apache_1.3.41/src/support/logresolve.c src/support/logresolve.c
+--- apache_1.3.41/src/support/logresolve.c	2006-07-12 10:16:05.000000000 +0200
++++ src/support/logresolve.c	2008-10-06 16:29:12.000000000 +0200
+@@ -165,7 +165,7 @@
+ 
+ 	hostdata = gethostbyaddr((const char *) &ipnum, sizeof(struct in_addr),
+ 				 AF_INET);
+-	if (hostdata == NULL) {
++	if (hostdata == NULL || !hostdata->h_name || !*hostdata->h_name) {
+ 	    if (h_errno > MAX_ERR)
+ 		errors[UNKNOWN_ERR]++;
+ 	    else