You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
45 lines
1.1 KiB
45 lines
1.1 KiB
Security Bugfix |
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0577 |
|
|
|
--- common.c.orig 1999-06-15 18:24:19.000000000 -0300 |
|
+++ common.c 2003-07-11 14:28:13.000000000 -0300 |
|
@@ -123,7 +123,7 @@ |
|
return FALSE; |
|
if(!((head>>17)&3)) |
|
return FALSE; |
|
- if( ((head>>12)&0xf) == 0xf) |
|
+ if(((head>>12)&0xf) == 0xf || ((head>>12)&0xf) == 0) |
|
return FALSE; |
|
if( ((head>>10)&0x3) == 0x3 ) |
|
return FALSE; |
|
|
|
Security Bugfix: |
|
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0865 |
|
|
|
--- httpget.c.orig Fri May 28 08:10:44 1999 |
|
+++ httpget.c Tue Nov 11 13:50:17 2003 |
|
@@ -53,11 +53,11 @@ void readstring (char *string, int maxle |
|
#if 0 |
|
char *result; |
|
#endif |
|
int pos = 0; |
|
|
|
- while(1) { |
|
+ while(pos < maxlen) { |
|
if( read(fileno(f),string+pos,1) == 1) { |
|
pos++; |
|
if(string[pos-1] == '\n') { |
|
string[pos] = 0; |
|
break; |
|
@@ -66,10 +66,11 @@ void readstring (char *string, int maxle |
|
else if(errno != EINTR) { |
|
fprintf (stderr, "Error reading from socket or unexpected EOF.\n"); |
|
exit(1); |
|
} |
|
} |
|
+ string[pos] = 0; |
|
#if 0 |
|
do { |
|
result = fgets(string, maxlen, f); |
|
} while (!result && errno == EINTR); |
|
if (!result) {
|
|
|