[Secure-testing-team] Bug#567193: include patch from DSA to fix integer underflow
Steffen Joeris
steffen.joeris at skolelinux.de
Wed Jan 27 20:52:52 UTC 2010
Package: oftc-hybrid
Severity: grave
Tags: security patch
Hi
Please include the patch from DSA-1980-1, which fixes an integer
underflow (patch attached).
Cheers
Steffen
-------------- next part --------------
--- ircd-hybrid-7.2.2.dfsg.2.orig/src/irc_string.c
+++ ircd-hybrid-7.2.2.dfsg.2/src/irc_string.c
@@ -103,7 +103,9 @@
}
else
*d++ = *src;
- ++src, --len;
+ if (len > 0) {
+ ++src, --len;
+ }
}
*d = '\0';
return dest;
More information about the Secure-testing-team
mailing list