Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 640172 Details for
Bug 721566
<mail-mta/netqmail-1.06-r13: multiple vulnerabilities (CVE-2005-{1513,1514,1515})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch 2
0002-fix-possible-signed-integer-overflow-in-commands-CVE.patch (text/plain), 972 bytes, created by
Rolf Eike Beer
on 2020-05-18 16:31:28 UTC
(
hide
)
Description:
patch 2
Filename:
MIME Type:
Creator:
Rolf Eike Beer
Created:
2020-05-18 16:31:28 UTC
Size:
972 bytes
patch
obsolete
>From ec4e7e8584e637450659659ca31bb843341da08e Mon Sep 17 00:00:00 2001 >From: Rolf Eike Beer <eike@sf-mail.de> >Date: Tue, 12 May 2020 20:06:38 +0200 >Subject: [PATCH 2/4] fix possible signed integer overflow in commands() > (CVE-2005-1514) > >Fix it as suggested by the Qualys Security Advisory team. >--- > commands.c | 7 ++++--- > 1 file changed, 4 insertions(+), 3 deletions(-) > >diff --git a/commands.c b/commands.c >index b0d3f61..90a50c9 100644 >--- a/commands.c >+++ b/commands.c >@@ -10,16 +10,17 @@ int commands(ss,c) > substdio *ss; > struct commands *c; > { >- int i; >+ unsigned int i; > char *arg; > > for (;;) { > if (!stralloc_copys(&cmd,"")) return -1; > > for (;;) { >+ int j; > if (!stralloc_readyplus(&cmd,1)) return -1; >- i = substdio_get(ss,cmd.s + cmd.len,1); >- if (i != 1) return i; >+ j = substdio_get(ss,cmd.s + cmd.len,1); >+ if (j != 1) return j; > if (cmd.s[cmd.len] == '\n') break; > ++cmd.len; > } >-- >2.26.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 721566
:
640170
| 640172 |
640174
|
640176