Sophie

Sophie

distrib > Mandriva > 2006.0 > x86_64 > by-pkgid > 017bcc0984e9ef749f829aaf593f1e94 > files > 2

proftpd-1.2.10-13.3.20060mdk.src.rpm

Index: support.c
===================================================================
RCS file: /cvsroot/proftp/proftpd/src/support.c,v
retrieving revision 1.69
diff -u -u -r1.69 support.c
--- support.c	13 Jul 2004 17:53:31 -0000	1.69
+++ support.c	28 Nov 2006 15:46:34 -0000
@@ -771,6 +771,12 @@
     if ((r = va_arg(args, char *)) == NULL)
       break;
     blen += (strlen(r) - strlen(m));
+    if (blen < 0) {
+      /* Integer overflow. In order to overflow this, somebody must be
+       * doing something very strange.
+       */
+      return s;
+    }
     marr[mlen] = m;
     rarr[mlen++] = r;
   }
@@ -818,10 +824,11 @@
     }
 
     if (!*mptr) {
-      if ((cp - pbuf + 1) > blen) {
+      if ((cp - pbuf + 1) >= blen) {
 	pr_log_pri(PR_LOG_ERR,
 		"WARNING: attempt to overflow internal ProFTPD buffers");
 	cp = pbuf + blen - 1;
+	goto done;
       }
       *cp++ = *src++;
     }

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional