You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
|
|
Security Bugfix
|
|
|
|
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0577
|
|
|
|
|
|
|
|
|
|
--- common.c.orig 1999-06-15 18:24:19.000000000 -0300
|
|
|
|
|
+++ common.c 2003-07-11 14:28:13.000000000 -0300
|
|
|
|
|
@@ -123,7 +123,7 @@
|
|
|
|
|
return FALSE;
|
|
|
|
|
if(!((head>>17)&3))
|
|
|
|
|
return FALSE;
|
|
|
|
|
- if( ((head>>12)&0xf) == 0xf)
|
|
|
|
|
+ if(((head>>12)&0xf) == 0xf || ((head>>12)&0xf) == 0)
|
|
|
|
|
return FALSE;
|
|
|
|
|
if( ((head>>10)&0x3) == 0x3 )
|
|
|
|
|
return FALSE;
|
|
|
|
|
|
|
|
|
|
Security Bugfix:
|
|
|
|
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865
|
|
|
|
|
|
|
|
|
|
--- httpget.c.orig Fri May 28 08:10:44 1999
|
|
|
|
|
+++ httpget.c Tue Nov 11 13:50:17 2003
|
|
|
|
|
@@ -53,11 +53,11 @@ void readstring (char *string, int maxle
|
|
|
|
|
#if 0
|
|
|
|
|
char *result;
|
|
|
|
|
#endif
|
|
|
|
|
int pos = 0;
|
|
|
|
|
|
|
|
|
|
- while(1) {
|
|
|
|
|
+ while(pos < maxlen) {
|
|
|
|
|
if( read(fileno(f),string+pos,1) == 1) {
|
|
|
|
|
pos++;
|
|
|
|
|
if(string[pos-1] == '\n') {
|
|
|
|
|
string[pos] = 0;
|
|
|
|
|
break;
|
|
|
|
|
@@ -66,10 +66,11 @@ void readstring (char *string, int maxle
|
|
|
|
|
else if(errno != EINTR) {
|
|
|
|
|
fprintf (stderr, "Error reading from socket or unexpected EOF.\n");
|
|
|
|
|
exit(1);
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
+ string[pos] = 0;
|
|
|
|
|
#if 0
|
|
|
|
|
do {
|
|
|
|
|
result = fgets(string, maxlen, f);
|
|
|
|
|
} while (!result && errno == EINTR);
|
|
|
|
|
if (!result) {
|
