rpms/linuxdcpp/F-8 linuxdcpp-CVE-2008-2953.patch, NONE, 1.1 linuxdcpp-CVE-2008-2954.patch, NONE, 1.1
Marcin Garski (mgarski)
fedora-extras-commits at redhat.com
Wed Jul 2 11:54:22 UTC 2008
Author: mgarski
Update of /cvs/pkgs/rpms/linuxdcpp/F-8
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv24259
Added Files:
linuxdcpp-CVE-2008-2953.patch linuxdcpp-CVE-2008-2954.patch
Log Message:
- Fix for CVE-2008-2953 and CVE-2008-2954 (#453731)
linuxdcpp-CVE-2008-2953.patch:
--- NEW FILE linuxdcpp-CVE-2008-2953.patch ---
--- linuxdcpp-1.0.1/client/ShareManager.cpp 2007-10-06 02:12:32.000000000 +0200
+++ linuxdcpp-1.0.1/client/ShareManager.cpp.CVE-2008-2953 2008-07-02 13:24:03.000000000 +0200
@@ -926,6 +926,10 @@
}
j = i + 1;
}
+
+ if(it == directories.end())
+ return NULL;
+
for(ShareManager::Directory::MapIter it2 = it->second->directories.begin(); it2 != it->second->directories.end(); ++it2) {
it2->second->toXml(sos, indent, tmp, recurse);
}
linuxdcpp-CVE-2008-2954.patch:
--- NEW FILE linuxdcpp-CVE-2008-2954.patch ---
--- linuxdcpp-1.0.1/client/NmdcHub.cpp 2007-11-05 06:33:42.000000000 +0100
+++ linuxdcpp-1.0.1/client/NmdcHub.cpp.CVE-2008-2954 2008-07-02 13:24:18.000000000 +0200
@@ -693,10 +693,14 @@
if(fromNick.empty())
return;
+ if(param.size() < j + 2) {
+ return;
+ }
+ string msg = param.substr(j + 2);
+
OnlineUser* replyTo = findUser(rtNick);
OnlineUser* from = findUser(fromNick);
- string msg = param.substr(j + 2);
if(replyTo == NULL || from == NULL) {
if(replyTo == 0) {
// Assume it's from the hub
More information about the fedora-extras-commits
mailing list