CVS commit: [netbsd-5-0] src

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: [netbsd-5-0] src
From: Jeff Rizzo <riz%netbsd.org@localhost>
Date: Mon, 19 Jul 2010 18:15:18 +0000

Module Name:    src
Committed By:   riz
Date:           Mon Jul 19 18:15:18 UTC 2010

Modified Files:
        src/crypto/dist/ssh [netbsd-5-0]: sftp-glob.c sftp.c
        src/lib/libc/gen [netbsd-5-0]: glob.3 glob.c

Log Message:
Pull up following revision(s) (requested by christos in ticket #1430):
        lib/libc/gen/glob.c: revision 1.25
        lib/libc/gen/glob.c: revision 1.26
        lib/libc/gen/glob.3: revision 1.37
        crypto/dist/ssh/sftp.c: patch
        crypto/dist/ssh/sftp-glob.c: patch
Add GLOB_LIMIT to the glob calls to prevent DoS attacks.
Apply more limits to GLOB_LIMIT, number of stat(2) calls from me and number
of readdir(3) calls from Maksymilian Arciemowicz. Also reduce the memory
used by matches strings from Maksymilian Arciemowicz.
Avoid DoS attacks for patterns that have braces. Noted by Maksymilian
Arciemowicz.
XXX: Pullup to 5.x


To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.28.1 src/crypto/dist/ssh/sftp-glob.c
cvs rdiff -u -r1.23 -r1.23.12.1 src/crypto/dist/ssh/sftp.c
cvs rdiff -u -r1.32 -r1.32.14.1 src/lib/libc/gen/glob.3
cvs rdiff -u -r1.23 -r1.23.10.1 src/lib/libc/gen/glob.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: [netbsd-5] src/doc
Next by Date: CVS commit: [netbsd-5-0] src/doc
Previous by Thread: CVS commit: [netbsd-5] src/doc
Next by Thread: CVS commit: [netbsd-5-0] src/doc
Indexes:

Home | Main Index | Thread Index | Old Index