From owner-cvs-all Sun Mar 31 0:20:39 2002
Delivered-To: cvs-all@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id A220A37B41C; Sun, 31 Mar 2002 00:20:28 -0800 (PST)
Received: (from lioux@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g2V8KSX27932; Sun, 31 Mar 2002 00:20:28 -0800 (PST) (envelope-from lioux)
Message-Id: <200203310820.g2V8KSX27932@freefall.freebsd.org>
From: Mario Sergio Fujikawa Ferreira
Date: Sun, 31 Mar 2002 00:20:28 -0800 (PST)
To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: ports/mail/qpopper Makefile ports/mail/qpopper/files patch-popper::popper.c
X-FreeBSD-CVS-Branch: HEAD
Sender: owner-cvs-all@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

lioux       2002/03/31 00:20:28 PST

  Modified files:
    mail/qpopper         Makefile
  Added files:
    mail/qpopper/files   patch-popper::popper.c
  Log:
  Fix the following security issue:

  "If a string of longer than approximately 2048 characters is sent to
  the qpopper process, a denial of service condition will occur"

  Actually, this is caused by an incorrect assumption. qpopper uses the
  same buffer over and over when communicating. However, it never makes
  sure that the buffer has been updated if something goes wrong.
  Therefore, one can try to add to this buffer over and over, thus
  consuming available resources.

  Solution: do not follow the unofficial patch available on the bugtraq
  mailing list, since losing pointer references is not an option.
  Otherwise, change the way both the getline and tgetline functions
  work, just so that they resemble read(2) return codes, as follows:

  1) if < 0: problem
  2) if >= 0: user typed something (enter without anything else is
     something)

  First patch sent by Isao SEKI

  PR:           36326
  Prompted by:  Alessandro de Manzano, Isao SEKI
  Reviewed by:  eivind, Alessandro de Manzano, David Rufino, Isao SEKI

  Revision  Changes   Path
  1.64      +1 -1     ports/mail/qpopper/Makefile
  1.1       +116 -0   ports/mail/qpopper/files/patch-popper::popper.c (new)
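As an added illustration of the return-code convention the commit adopts (this is not code from qpopper or from this commit's patch; the in-memory connection, the 16-byte buffer and the function names are assumptions), a C line reader that returns a negative value on a problem and the byte count otherwise, draining an overlong line and clearing the buffer so a failed read leaves nothing for the next call to pile onto:

```c
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for a client connection: an in-memory byte string
 * read one character at a time, so the example runs offline. */
struct conn { const char *data; size_t pos, len; };

static int conn_getc(struct conn *c)
{
    return c->pos < c->len ? (unsigned char)c->data[c->pos++] : EOF;
}
/* Line reader with read(2)-style results, as the commit describes:
 *   < 0 : problem (line longer than the buffer, or EOF with no data)
 *  >= 0 : bytes stored; a bare newline yields 0 and is still valid input.
 * An overlong line is drained up to its newline and the buffer emptied,
 * so a failed read never leaves stale bytes for the next call to grow. */
static int getline_rw(struct conn *c, char *buf, size_t n)
{
    size_t i = 0;
    int ch;
    buf[0] = '\0';
    while ((ch = conn_getc(c)) != EOF) {
        if (ch == '\n') { buf[i] = '\0'; return (int)i; }
        if (i + 1 >= n) {                   /* no room for byte plus NUL */
            while ((ch = conn_getc(c)) != EOF && ch != '\n')
                ;                           /* discard rest of the line */
            buf[0] = '\0';
            return -1;
        }
        buf[i++] = (char)ch;
    }
    if (i == 0) return -1;                  /* EOF before any data */
    buf[i] = '\0';
    return (int)i;                          /* unterminated last line */
}

/* Command loop over one session with a deliberately small 16-byte buffer:
 * returns the number of accepted lines; rejected lines are counted in *errors. */
static int serve(const char *input, int *errors)
{
    struct conn c = { input, 0, strlen(input) };
    char line[16];
    int accepted = 0, bad = 0;
    while (c.pos < c.len) {
        if (getline_rw(&c, line, sizeof line) < 0) bad++; else accepted++;
    }
    if (errors) *errors = bad;
    return accepted;
}
```

With the constructed session "USER bob", a 30-byte line and "QUIT", serve() accepts 2 lines and rejects 1; the rejected line is consumed whole rather than re-read piece by piece into the same buffer.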