From: | "Santiago M. Mola (coldwind)" <coldwind@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in net-p2p/linuxdcpp/files: linuxdcpp-1.0.1-fix-remote-vulnerability.patch |
Date: | Sun, 29 Jun 2008 22:52:08 |
Message-Id: | E1KD5kZ-0006wM-0d@stork.gentoo.org |
1 | coldwind 08/06/29 22:52:03 |
2 | |
3 | Modified: linuxdcpp-1.0.1-fix-remote-vulnerability.patch |
4 | Log: |
5 | Security fix, second round. |
6 | (Portage version: 2.2_rc1/cvs/Linux 2.6.25-gentoo-r3 x86_64) |
7 | |
8 | Revision Changes Path |
9 | 1.2 net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch |
10 | |
11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch?rev=1.2&view=markup |
12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch?rev=1.2&content-type=text/plain |
13 | diff : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch?r1=1.1&r2=1.2 |
14 | |
15 | Index: linuxdcpp-1.0.1-fix-remote-vulnerability.patch |
16 | =================================================================== |
17 | RCS file: /var/cvsroot/gentoo-x86/net-p2p/linuxdcpp/files/linuxdcpp-1.0.1-fix-remote-vulnerability.patch,v |
18 | retrieving revision 1.1 |
19 | retrieving revision 1.2 |
20 | diff -u -r1.1 -r1.2 |
21 | --- linuxdcpp-1.0.1-fix-remote-vulnerability.patch 29 Jun 2008 18:46:01 -0000 1.1 |
22 | +++ linuxdcpp-1.0.1-fix-remote-vulnerability.patch 29 Jun 2008 22:52:02 -0000 1.2 |
23 | @@ -13,3 +13,21 @@ |
24 | for(ShareManager::Directory::MapIter it2 = it->second->directories.begin(); it2 != it->second->directories.end(); ++it2) { |
25 | it2->second->toXml(sos, indent, tmp, recurse); |
26 | } |
27 | +--- client/NmdcHub.cpp 4 Aug 2007 21:17:21 -0000 1.14 |
28 | ++++ client/NmdcHub.cpp 29 Jun 2008 15:42:27 -0000 1.15 |
29 | +@@ -693,10 +693,14 @@ |
30 | + if(fromNick.empty()) |
31 | + return; |
32 | + |
33 | ++ if(param.size() < j + 2) { |
34 | ++ return; |
35 | ++ } |
36 | ++ string msg = param.substr(j + 2); |
37 | ++ |
38 | + OnlineUser* replyTo = findUser(rtNick); |
39 | + OnlineUser* from = findUser(fromNick); |
40 | + |
41 | +- string msg = param.substr(j + 2); |
42 | + if(replyTo == NULL || from == NULL) { |
43 | + if(replyTo == 0) { |
44 | + // Assume it's from the hub |
45 | |
46 | |
47 | |
48 | -- |
49 | gentoo-commits@l.g.o mailing list |