From 13856cde954b5c799476daa28da39b821db54434 Mon Sep 17 00:00:00 2001
From: jmz <jmz@FreeBSD.org>
Date: Thu, 6 Apr 2006 07:22:10 +0000
Subject: Fix an exploitable buffer overflow.

PR:		ports/95397
Submitted by:	Petr Rehor <prehor@gmail.com>
---
 archivers/zoo/Makefile           |  2 +-
 archivers/zoo/files/patch-misc.c | 20 ++++++++++++++++++++
 2 files changed, 21 insertions(+), 1 deletion(-)
 create mode 100644 archivers/zoo/files/patch-misc.c

(limited to 'archivers/zoo')

diff --git a/archivers/zoo/Makefile b/archivers/zoo/Makefile
index 49a5795..59d07c2 100644
--- a/archivers/zoo/Makefile
+++ b/archivers/zoo/Makefile
@@ -7,7 +7,7 @@
 
 PORTNAME=	zoo
 PORTVERSION=	2.10.1
-PORTREVISION=	1
+PORTREVISION=	2
 CATEGORIES=	archivers
 MASTER_SITES=	ftp://ftp.kiarchive.ru/pub/unix/arcers/
 DISTNAME=	zoo-2.10pl1
diff --git a/archivers/zoo/files/patch-misc.c b/archivers/zoo/files/patch-misc.c
new file mode 100644
index 0000000..e69a120
--- /dev/null
+++ b/archivers/zoo/files/patch-misc.c
@@ -0,0 +1,20 @@
+--- misc.c.orig	Tue Jul 16 17:52:54 1991
++++ misc.c	Thu Apr  6 08:45:41 2006
+@@ -135,11 +135,16 @@
+ char *fullpath (direntry)
+ struct direntry *direntry;
+ {
+-	static char result[PATHSIZE];
++	static char result[PATHSIZE+PATHSIZE+12]; /* Room for enough space */
+ 	combine (result,
+ 				direntry->dirlen != 0 ? direntry->dirname : "", 
+ 				(direntry->namlen != 0) ? direntry->lfname : direntry->fname
+ 			  );
++
++	if (strlen (result) >= PATHSIZE) {
++		prterror ('f', "Combined dirname and filename too long\n");
++	}
++
+ 	return (result);
+ }
+ 
-- 
cgit v1.1