Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 206523 Details for
Bug 288295
<games-strategy/dopewars-1.5.12-r2: Server DoS (CVE-2009-3591)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
dopewars-CVE-2009-3591.patch
dopewars-CVE-2009-3591.patch (text/plain), 714 bytes, created by
Alex Legler (RETIRED)
on 2009-10-09 12:11:27 UTC
(
hide
)
Description:
dopewars-CVE-2009-3591.patch
Filename:
MIME Type:
Creator:
Alex Legler (RETIRED)
Created:
2009-10-09 12:11:27 UTC
Size:
714 bytes
patch
obsolete
>Patch for CVE-2009-3591 -- bug 288295. > >Fetched from upstream SVN: >http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1033&r2=1032&pathrev=1033 > >--- dopewars/trunk/src/serverside.c 2009/03/10 07:18:49 1032 >+++ dopewars/trunk/src/serverside.c 2009/10/05 04:11:32 1033 >@@ -504,6 +504,12 @@ > break; > case C_REQUESTJET: > i = atoi(Data); >+ /* Make sure value is within range */ >+ if (i < 0 || i >= NumLocation) { >+ dopelog(3, LF_SERVER, _("%s: DENIED jet to invalid location %s"), >+ GetPlayerName(Play), Data); >+ break; >+ } > if (Play->EventNum == E_FIGHT || Play->EventNum == E_FIGHTASK) { > if (CanRunHere(Play)) { > break;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=206523">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 288295
: 206523
