39 magnus 1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 52_compile_bufoverflow.dpatch by Magnus Holmgren <holmgren@debian.org>
3
##
4
## DP: Prevent buffer overflows from mechanisms with huge domainspecs.
5
## DP: As suggested by upstream.
6
 
7
@DPATCH@
8
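--- a/src/libspf2/spf_compile.c
+++ b/src/libspf2/spf_compile.c
@@ -711,6 +711,9 @@
 
 	SPF_errcode_t		 err;
 
+	if (strlen(*mech_value) > (sizeof(buf) >> 1))
+		return SPF_E_BIG_MECH;
+
 	memset(buf, 'B', sizeof(buf));	/* Poison the buffer. */
 	memset(spf_mechanism, 0, sizeof(SPF_mech_t));
 
@@ -858,6 +861,9 @@
 
 	SPF_errcode_t		 err;
 
+	if (strlen(*mod_value) > (sizeof(buf) >> 1))
+		return SPF_E_BIG_MOD;
+
 	memset(buf, 'A', sizeof(buf));
 	memset(spf_modifier, 0, sizeof(SPF_mod_t));
 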
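Review bot: The guard `strlen(*mech_value) > (sizeof(buf) >> 1)` in the first hunk, and the matching `*mod_value` check in the second, rests on an unstated assumption that the compiled form never grows beyond twice the input text, and nothing visible here enforces that where `buf` is actually written. A comment stating the invariant would help, for example `/* Compiled data can expand the text; reject input longer than half of buf so later writes cannot overrun it. */`, and the write sites further down should still carry their own bounds checks rather than rely on this pre-check alone. `strlen` also counts everything up to the NUL, so if `*mech_value` points into the whole record rather than a single term (not visible here), a short mechanism followed by a long tail would be rejected with `SPF_E_BIG_MECH`. Both function bodies start and end outside the hunks, so it is worth confirming that `buf` is declared as an array, since `sizeof` applied to a pointer would give a much smaller bound.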