[47767] trunk/dports/net/djbdns

blb at macports.org blb at macports.org
Thu Mar 5 13:49:13 PST 2009 

Revision: 47767
          http://trac.macports.org/changeset/47767
Author:   blb at macports.org
Date:     2009-03-05 13:49:12 -0800 (Thu, 05 Mar 2009)
Log Message:
-----------
net/djbdns - patch response.c to avoid security issue; see
<http://marc.info/?l=djbdns&m=123613000920446&w=2>

Modified Paths:
--------------
    trunk/dports/net/djbdns/Portfile

Added Paths:
-----------
    trunk/dports/net/djbdns/files/patch-response.c.diff

Modified: trunk/dports/net/djbdns/Portfile
===================================================================
--- trunk/dports/net/djbdns/Portfile	2009-03-05 20:52:35 UTC (rev 47766)
+++ trunk/dports/net/djbdns/Portfile	2009-03-05 21:49:12 UTC (rev 47767)
@@ -3,7 +3,7 @@
 PortSystem          1.0
 name                djbdns
 version             1.05
-revision            1
+revision            2
 categories          net
 maintainers         blb openmaintainer
 description         D.J. Bernstein's DNS tools
@@ -50,7 +50,8 @@
 patchfiles          patch-Makefile \
                     patch-dnscache-conf.c \
                     patch-hier.c \
-                    patch-dnsroots.global.diff
+                    patch-dnsroots.global.diff \
+                    patch-response.c.diff
 pre-patch {
    # The build process will create a tinydns executable, so this needs to
    # be renamed on case-insensitive file systems

Added: trunk/dports/net/djbdns/files/patch-response.c.diff
===================================================================
--- trunk/dports/net/djbdns/files/patch-response.c.diff	                        (rev 0)
+++ trunk/dports/net/djbdns/files/patch-response.c.diff	2009-03-05 21:49:12 UTC (rev 47767)
@@ -0,0 +1,11 @@
+--- response.c.orig	2001-02-11 14:11:45.000000000 -0700
++++ response.c	2009-03-05 14:46:51.000000000 -0700
+@@ -34,7 +34,7 @@
+         uint16_pack_big(buf,49152 + name_ptr[i]);
+         return response_addbytes(buf,2);
+       }
+-    if (dlen <= 128)
++    if ((dlen <= 128) && (response_len < 16384))
+       if (name_num < NAMES) {
+ 	byte_copy(name[name_num],dlen,d);
+ 	name_ptr[name_num] = response_len;
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.macosforge.org/pipermail/macports-changes/attachments/20090305/0e4a1e25/attachment.html>

More information about the macports-changes mailing list