SecBSD's official ports repository
This commit is contained in:
commit
2c0afcbbf3
GPG key ID:
F42C07F07E2E35B7
64331 changed files with 5339189 additions and 0 deletions
23
audio/libcdaudio/patches/patch-src_cddb_c
Normal file
23
audio/libcdaudio/patches/patch-src_cddb_c
Normal file
|
|
@ -0,0 +1,23 @@
|
|||
Security fix for CVE-2008-5030
|
||||
Patch extracted from Debian's 02-cddb-bufferoverflow.dpatch
|
||||
|
||||
--- src/cddb.c.orig Tue Jan 13 17:38:52 2009
|
||||
+++ src/cddb.c Tue Jan 13 17:40:28 2009
|
||||
@@ -1052,7 +1052,7 @@ cddb_query(int cd_desc, int sock,
|
||||
}
|
||||
|
||||
query->query_matches = 0;
|
||||
- while(!cddb_read_line(sock, inbuffer, 256)) {
|
||||
+ while(query->query_matches < MAX_INEXACT_MATCHES && !cddb_read_line(sock, inbuffer, 256)) {
|
||||
slashed = 0;
|
||||
if(strchr(inbuffer, '/') != NULL && parse_disc_artist) {
|
||||
index = 0;
|
||||
@@ -1679,7 +1679,7 @@ cddb_read_disc_data(int cd_desc, struct disc_data *out
|
||||
free(file);
|
||||
|
||||
while(!feof(cddb_data)) {
|
||||
- fgets(inbuffer, 512, cddb_data);
|
||||
+ fgets(inbuffer, 256, cddb_data);
|
||||
cddb_process_line(inbuffer, data);
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue