head 1.2; access; symbols OPENPKG_E1_MP_HEAD:1.2 OPENPKG_E1_MP:1.2 OPENPKG_E1_MP_2_STABLE:1.2 OPENPKG_E1_FP:1.2 OPENPKG_2_STABLE_20061018:1.2 OPENPKG_2_STABLE:1.2.0.4 OPENPKG_2_STABLE_BP:1.2 OPENPKG_2_5_SOLID:1.2.0.2 OPENPKG_2_5_SOLID_BP:1.2 OPENPKG_2_3_SOLID:1.1.0.4 OPENPKG_2_4_SOLID:1.1.0.2; locks; strict; comment @# @; 1.2 date 2005.10.03.07.41.48; author rse; state dead; branches; next 1.1; 1.1 date 2005.09.05.15.01.09; author rse; state Exp; branches 1.1.2.1 1.1.4.1; next ; 1.1.2.1 date 2005.09.05.15.02.27; author rse; state Exp; branches; next ; 1.1.4.1 date 2005.09.05.15.06.05; author rse; state Exp; branches; next ; desc @@ 1.2 log @upgrading package: str 0.9.10 -> 0.9.11 @ text @Security Fix (CAN-2005-2491, partially only) Index: str_pcre.c --- str_pcre.c.orig 2003-01-28 10:10:39 +0100 +++ str_pcre.c 2005-09-05 16:22:43 +0200 @@@@ -674,6 +674,10 @@@@ while ((cd->ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0'; + if (min < 0 || min > 65535) { + *errorptr = ERR5; + return p; + } if (*p == '}') max = min; @@@@ -682,6 +686,10 @@@@ max = 0; while ((cd->ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0'; + if (max < 0 || max > 65535) { + *errorptr = ERR5; + return p; + } if (max < min) { *errorptr = ERR4; return p; @ 1.1 log @apply Security Fix (CAN-2005-2491, partially) @ text @@ 1.1.4.1 log @apply Security Fix (CAN-2005-2491, partially) @ text @@ 1.1.2.1 log @apply Security Fix (CAN-2005-2491, partially) @ text @@
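Review bot: The new range checks on `min` (first hunk) and `max` (second hunk) run only after each digit loop has finished, so `min = min * 10 + *p++ - '0'` can still overflow a signed int on a long run of digits. That is undefined behaviour in C, and where the value wraps it can land back inside 0..65535 and pass the check. Testing the bound inside each loop rejects the quantifier as soon as it exceeds 65535, before the next multiply can overflow. This also makes the `< 0` test unnecessary, assuming `min` starts non-negative, which the hunk does not show (`max = 0` is visible). The enclosing function starts and ends outside both hunks, and the patch header itself describes the CAN-2005-2491 fix as partial.

```c
while ((cd->ctypes[*p] & ctype_digit) != 0) {
    min = min * 10 + *p++ - '0';
    if (min > 65535) {          /* stop before the next multiply can overflow */
        *errorptr = ERR5;
        return p;
    }
}
/* … unchanged: '}' handling and max = 0 … */
while ((cd->ctypes[*p] & ctype_digit) != 0) {
    max = max * 10 + *p++ - '0';
    if (max > 65535) {
        *errorptr = ERR5;
        return p;
    }
}
/* … unchanged: max < min check (ERR4) … */
```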