|
|
@@ -108,3 +108,35 @@ Index: rtpproxy/rtpp_util.h
|
|
|
#define err(exitcode, format, args...) \
|
|
|
errx(exitcode, format ": %s", ## args, strerror(errno))
|
|
|
#define errx(exitcode, format, args...) \
|
|
|
+
|
|
|
+-----------------------------------------------------------------------------
|
|
|
+
|
|
|
+Security Fix (OpenPKG-SA-2006.042, OpenPKG-TT-E1#29)
|
|
|
+
|
|
|
+Index: modules/permissions/parse_config.c
|
|
|
+--- modules/permissions/parse_config.c.orig 2005-06-13 18:47:43 +0200
|
|
|
++++ modules/permissions/parse_config.c 2006-12-26 11:15:25 +0100
|
|
|
+@@ -111,8 +111,11 @@
|
|
|
+ except = strstr(str, " EXCEPT ");
|
|
|
+ if (except) {
|
|
|
+ /* exception found */
|
|
|
+- strncpy(str2, str, except-str);
|
|
|
+- str2[except-str] = '\0';
|
|
|
++ int l = except - str;
|
|
|
++ if (l > sizeof(str2) - 1)
|
|
|
++ l = sizeof(str2) - 1;
|
|
|
++ strncpy(str2, str, l);
|
|
|
++ str2[l] = '\0';
|
|
|
+ /* except+8 points to the exception */
|
|
|
+ if (parse_expression_list(except+8, e_exceptions)) {
|
|
|
+ /* error */
|
|
|
+@@ -121,7 +124,8 @@
|
|
|
+ }
|
|
|
+ } else {
|
|
|
+ /* no exception */
|
|
|
+- strcpy(str2, str);
|
|
|
++ strncpy(str2, str, sizeof(str2)-1);
|
|
|
++ str2[sizeof(str2)-1] = '\0';
|
|
|
+ *e_exceptions = NULL;
|
|
|
+ }
|
|
|
+
|
