head	1.2;
access;
symbols
	OPENPKG_2_STABLE_MP:1.1
	OPENPKG_2_STABLE:1.1.0.2;
locks; strict;
comment	@# @;


1.2
date	2007.06.22.10.54.02;	author rse;	state dead;
branches;
next	1.1;
commitid	ZbFoU2hEtnBxHTms;

1.1
date	2007.01.20.23.15.44;	author rse;	state Exp;
branches
	1.1.2.1;
next	;
commitid	qwitDdTCiJQTIi3s;

1.1.2.1
date	2007.01.20.23.15.44;	author thl;	state dead;
branches;
next	1.1.2.2;
commitid	buiDpkvFRFCkgB5s;

1.1.2.2
date	2007.02.07.20.36.25;	author thl;	state Exp;
branches;
next	;
commitid	buiDpkvFRFCkgB5s;


desc
@@


1.2
log
@new OpenPKG world order: upgrade from Apache 1.3 to 2.2 (part 1/3: updated/new packages)
@
text
@Security Fix (CVE-2005-0108)
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02

Index: mod_auth_radius.c
--- mod_auth_radius.c.orig	2003-03-24 20:16:15 +0100
+++ mod_auth_radius.c	2007-01-21 00:12:03 +0100
@@@@ -971,9 +971,12 @@@@
   }
   return attr;
 }
-#define radcpy(STRING, ATTR) {memcpy(STRING, ATTR->data, ATTR->length - 2); \
-                              (STRING)[ATTR->length - 2] = 0;}
 
+#define radcpy(STRING, ATTR) do { \
+				  unsigned char len = ATTR->length; \
+				  if (len >= 2) len-=2; \
+				  memcpy(STRING, ATTR->data, len); \
+				  (STRING)[len] = 0;} while (0)
 
 /* authentication module utility functions */
 static int
@


1.1
log
@Security Fix (CVE-2005-0108)
@
text
@@


1.1.2.1
log
@file apache.patch.modauthradius was added on branch OPENPKG_2_STABLE on 2007-02-07 20:36:24 +0000
@
text
@d1 21
@


1.1.2.2
log
@MFC: make up leeway for 2_STABLE by virtue of build-time results
@
text
@a0 21
Security Fix (CVE-2005-0108)
http://security.lss.hr/en/index.php?page=details&ID=LSS-2005-01-02

Index: mod_auth_radius.c
--- mod_auth_radius.c.orig	2003-03-24 20:16:15 +0100
+++ mod_auth_radius.c	2007-01-21 00:12:03 +0100
@@@@ -971,9 +971,12 @@@@
   }
   return attr;
 }
-#define radcpy(STRING, ATTR) {memcpy(STRING, ATTR->data, ATTR->length - 2); \
-                              (STRING)[ATTR->length - 2] = 0;}
 
+#define radcpy(STRING, ATTR) do { \
+				  unsigned char len = ATTR->length; \
+				  if (len >= 2) len-=2; \
+				  memcpy(STRING, ATTR->data, len); \
+				  (STRING)[len] = 0;} while (0)
 
 /* authentication module utility functions */
 static int
@