diff options
| author | Robby Workman <rworkman@slackbuilds.org> | 2011-03-14 16:16:10 -0500 |
|---|---|---|
| committer | Robby Workman <rworkman@slackbuilds.org> | 2011-03-14 16:16:10 -0500 |
| commit | 43e17f44b22c85caf2bf9278db6b940dc3a93f2b (patch) | |
| tree | 8b113755e3bed1889de73e81512559b64386c9ac /network/thttpd/patches/additional-input-validation-httpd.c.diff | |
| parent | a7ea463fff1c1d11c4d6596bfa7b56f96c78dc95 (diff) | |
| download | slackbuilds-43e17f44b22c85caf2bf9278db6b940dc3a93f2b.tar.gz | |
network/thttpd: Removed (unmaintained)
Reference: http://lists.slackbuilds.org/pipermail/slackbuilds-users/2010-October/006576.html
Signed-off-by: Heinz Wiesinger <pprkut@slackbuilds.org>
Signed-off-by: Robby Workman <rworkman@slackbuilds.org>
Diffstat (limited to 'network/thttpd/patches/additional-input-validation-httpd.c.diff')
| -rw-r--r-- | network/thttpd/patches/additional-input-validation-httpd.c.diff | 62 |
1 files changed, 0 insertions, 62 deletions
diff --git a/network/thttpd/patches/additional-input-validation-httpd.c.diff b/network/thttpd/patches/additional-input-validation-httpd.c.diff deleted file mode 100644 index 04f59eac8e..0000000000 --- a/network/thttpd/patches/additional-input-validation-httpd.c.diff +++ /dev/null @@ -1,62 +0,0 @@ ---- thttpd-2.25b/extras/htpasswd.c.orig 2006-03-31 04:12:42.281317000 +0000 -+++ thttpd-2.25b/extras/htpasswd.c 2006-03-31 05:21:37.741632392 +0000 -@@ -151,6 +151,7 @@ void interrupted(int signo) { - int main(int argc, char *argv[]) { - FILE *tfp,*f; - char user[MAX_STRING_LEN]; -+ char pwfilename[MAX_STRING_LEN]; - char line[MAX_STRING_LEN]; - char l[MAX_STRING_LEN]; - char w[MAX_STRING_LEN]; -@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) { - perror("fopen"); - exit(1); - } -+ if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) { -+ fprintf(stderr, "%s: filename is too long\n", argv[0]); -+ exit(1); -+ } -+ if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) { -+ fprintf(stderr, "%s: filename contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } -+ if (strlen(argv[3]) > (sizeof(user) - 1)) { -+ fprintf(stderr, "%s: username is too long\n", argv[0], -+ sizeof(user) - 1); -+ exit(1); -+ } -+ if ((strchr(argv[3], ':')) != NULL) { -+ fprintf(stderr, "%s: username contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } - printf("Adding password for %s.\n",argv[3]); - add_password(argv[3],tfp); - fclose(tfp); -@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) { - exit(1); - } - -+ if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) { -+ fprintf(stderr, "%s: filename is too long\n", argv[0]); -+ exit(1); -+ } -+ if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) { -+ fprintf(stderr, "%s: filename contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } -+ if (strlen(argv[2]) > (sizeof(user) - 1)) { -+ fprintf(stderr, "%s: username is too long\n", argv[0], -+ sizeof(user) - 1); -+ exit(1); -+ } -+ if ((strchr(argv[2], ':')) != NULL) { -+ fprintf(stderr, "%s: username contains an illegal character\n", -+ argv[0]); -+ exit(1); -+ } - if(!(f = fopen(argv[1],"r"))) { - fprintf(stderr, - "Could not open passwd file %s for reading.\n",argv[1]); |