diff options
author | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
---|---|---|
committer | V3n3RiX <venerix@redcorelinux.org> | 2018-07-14 21:03:06 +0100 |
commit | 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 (patch) | |
tree | 7681bbd4e8b05407772df40a4bf04cbbc8afc3fa /games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch | |
parent | 30a9caf154332f12ca60756e1b75d2f0e3e1822d (diff) |
gentoo resync : 14.07.2018
Diffstat (limited to 'games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch')
-rw-r--r-- | games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch b/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch new file mode 100644 index 000000000000..3b8b066a81cd --- /dev/null +++ b/games-strategy/dopewars/files/dopewars-1.5.12-CVE-2009-3591.patch @@ -0,0 +1,20 @@ +Patch for CVE-2009-3591 -- bug 288295. + +Fetched from upstream SVN: +http://dopewars.svn.sourceforge.net/viewvc/dopewars/dopewars/trunk/src/serverside.c?r1=1033&r2=1032&pathrev=1033 + +--- trunk/src/serverside.c 2009/03/10 07:18:49 1032 ++++ trunk/src/serverside.c 2009/10/05 04:11:32 1033 +@@ -504,6 +504,12 @@ + break; + case C_REQUESTJET: + i = atoi(Data); ++ /* Make sure value is within range */ ++ if (i < 0 || i >= NumLocation) { ++ dopelog(3, LF_SERVER, _("%s: DENIED jet to invalid location %s"), ++ GetPlayerName(Play), Data); ++ break; ++ } + if (Play->EventNum == E_FIGHT || Play->EventNum == E_FIGHTASK) { + if (CanRunHere(Play)) { + break; |