diff options
| author |   Ned Ludd <solar@gentoo.org> | 2004-11-06 16:43:41 +0000 |
|---|---|---|
| committer | Ned Ludd <solar@gentoo.org> | 2004-11-06 16:43:41 +0000 |
| commit | eb6eb61124e89f53a40bbedc780bc67100799feb (patch) | |
| tree | 3cc5e5b2a07a1cc6adc7c065abe1be054f960cad /net-firewall/iptables/files | |
| parent | new eclass used by the new 'split' kde ebuilds. i'm adding the kdebindings-de... (diff) | |
| download | gentoo-2-eb6eb61124e89f53a40bbedc780bc67100799feb.tar.gz gentoo-2-eb6eb61124e89f53a40bbedc780bc67100799feb.tar.bz2 gentoo-2-eb6eb61124e89f53a40bbedc780bc67100799feb.zip | |
security bump. Exception handling error. bug 70240
Diffstat (limited to 'net-firewall/iptables/files')
| -rw-r--r-- | net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch | 48 | ||||
| -rw-r--r-- | net-firewall/iptables/files/digest-iptables-1.2.11-r3 | 1 |
2 files changed, 49 insertions, 0 deletions
diff --git a/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch b/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch new file mode 100644 index 000000000000..14a65e2dd190 --- /dev/null +++ b/net-firewall/iptables/files/1.2.11-files/CAN-2004-0986.patch @@ -0,0 +1,48 @@ +--- old/iptables_profectio/iptables.c (revision 3243) ++++ new/iptables_profectio/iptables.c (working copy) +@@ -1593,15 +1593,17 @@ + int procfile; + char *ret; + ++#define PROCFILE_BUFSIZ 1024 + procfile = open(PROC_SYS_MODPROBE, O_RDONLY); + if (procfile < 0) + return NULL; + +- ret = malloc(1024); ++ ret = (char *) malloc(PROCFILE_BUFSIZ); + if (ret) { +- switch (read(procfile, ret, 1024)) { ++ memset(ret, 0, PROCFILE_BUFSIZ); ++ switch (read(procfile, ret, PROCFILE_BUFSIZ)) { + case -1: goto fail; +- case 1024: goto fail; /* Partial read. Wierd */ ++ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */ + } + if (ret[strlen(ret)-1]=='\n') + ret[strlen(ret)-1]=0; + +--- old/iptables_profectio/ip6tables.c (revision 3243) ++++ new/iptables_profectio/ip6tables.c (working copy) +@@ -1595,15 +1595,17 @@ + int procfile; + char *ret; + ++#define PROCFILE_BUFSIZ 1024 + procfile = open(PROC_SYS_MODPROBE, O_RDONLY); + if (procfile < 0) + return NULL; + +- ret = malloc(1024); ++ ret = malloc(PROCFILE_BUFSIZ); + if (ret) { +- switch (read(procfile, ret, 1024)) { ++ memset(ret, 0, PROCFILE_BUFSIZ); ++ switch (read(procfile, ret, PROCFILE_BUFSIZ)) { + case -1: goto fail; +- case 1024: goto fail; /* Partial read. Wierd */ ++ case PROCFILE_BUFSIZ: goto fail; /* Partial read. Wierd */ + } + if (ret[strlen(ret)-1]=='\n') + ret[strlen(ret)-1]=0; + diff --git a/net-firewall/iptables/files/digest-iptables-1.2.11-r3 b/net-firewall/iptables/files/digest-iptables-1.2.11-r3 new file mode 100644 index 000000000000..5f9f67fb7252 --- /dev/null +++ b/net-firewall/iptables/files/digest-iptables-1.2.11-r3 @@ -0,0 +1 @@ +MD5 0a5f5f226e41ce408a895bec995e8c05 iptables-1.2.11.tar.bz2 156988 |