File: CVE-2006-0048.patch

package info (click to toggle)
tcpick 0.2.1-12
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid
  • size: 1,184 kB
  • sloc: ansic: 2,557; sh: 931; makefile: 16
file content (18 lines) | stat: -rw-r--r-- 484 bytes parent folder | download | duplicates (3) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
 
Description: Fix for CVE-2006-0048
Author: Cédric Delfosse <cedric@debian.org>
Origin: vendor
Bug-Debian: http://bugs.debian.org/360571
Last-Update: 2006-04-14

--- a/src/write.c
+++ b/src/write.c
@@ -241,6 +241,9 @@
 	if( flags.separator && ( out == stdout ) ) /* FIXME: sucks? */
 		color( c_SEPARATOR, stdout, SEPARATOR "\n" );
 
+	/* Temporary fix for CVE-2006-0048 */
+	if (buflen < 0) buflen = 0;
+	
 	switch ( flavour ) {
 	case HEX_ASCII_DUMP:
 		out_xa( out, buf, buflen );