add patch from Redhat bug#784141 which fixes a possible
buffer overflow if used with an HTTP proxy (CVE-2012-0804) approved by releng
This commit is contained in:
parent
b7196e474c
commit
f9e6b678d8
|
@ -3550,9 +3550,9 @@ connect_to_pserver (cvsroot_t *root, struct buffer **to_server_p,
|
|||
* code.
|
||||
*/
|
||||
read_line_via (from_server, to_server, &read_buf);
|
||||
sscanf (read_buf, "%s %d", write_buf, &codenum);
|
||||
count = sscanf (read_buf, "%*s %d", &codenum);
|
||||
|
||||
if ((codenum / 100) != 2)
|
||||
if (count != 1 || (codenum / 100) != 2)
|
||||
error (1, 0, "proxy server %s:%d does not support http tunnelling",
|
||||
root->proxy_hostname, proxy_port_number);
|
||||
free (read_buf);
|
||||
|
|
Loading…
Reference in New Issue