diff options
Diffstat (limited to 'www-client/w3m/files/w3m-CVE-2010-2074.patch')
-rw-r--r-- | www-client/w3m/files/w3m-CVE-2010-2074.patch | 55 |
1 files changed, 0 insertions, 55 deletions
diff --git a/www-client/w3m/files/w3m-CVE-2010-2074.patch b/www-client/w3m/files/w3m-CVE-2010-2074.patch deleted file mode 100644 index 2863932824c..00000000000 --- a/www-client/w3m/files/w3m-CVE-2010-2074.patch +++ /dev/null @@ -1,55 +0,0 @@ -Index: istream.c -=================================================================== ---- istream.c -+++ istream.c -@@ -447,8 +447,17 @@ ssl_check_cert_ident(X509 * x, char *hos - - if (!seen_dnsname) - seen_dnsname = Strnew(); -+ /* replace \0 to make full string visible to user */ -+ if (sl != strlen(sn)) { -+ int i; -+ for (i = 0; i < sl; ++i) { -+ if (!sn[i]) -+ sn[i] = '!'; -+ } -+ } - Strcat_m_charp(seen_dnsname, sn, " ", NULL); -- if (ssl_match_cert_ident(sn, sl, hostname)) -+ if (sl == strlen(sn) /* catch \0 in SAN */ -+ && ssl_match_cert_ident(sn, sl, hostname)) - break; - } - } -@@ -466,16 +475,27 @@ ssl_check_cert_ident(X509 * x, char *hos - if (match_ident == FALSE && ret == NULL) { - X509_NAME *xn; - char buf[2048]; -+ int slen; - - xn = X509_get_subject_name(x); - -- if (X509_NAME_get_text_by_NID(xn, NID_commonName, -- buf, sizeof(buf)) == -1) -+ slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf)); -+ if ( slen == -1) - /* FIXME: gettextize? */ - ret = Strnew_charp("Unable to get common name from peer cert"); -- else if (!ssl_match_cert_ident(buf, strlen(buf), hostname)) -+ else if (slen != strlen(buf) -+ || !ssl_match_cert_ident(buf, strlen(buf), hostname)) { -+ /* replace \0 to make full string visible to user */ -+ if (slen != strlen(buf)) { -+ int i; -+ for (i = 0; i < slen; ++i) { -+ if (!buf[i]) -+ buf[i] = '!'; -+ } -+ } - /* FIXME: gettextize? */ - ret = Sprintf("Bad cert ident %s from %s", buf, hostname); -+ } - else - match_ident = TRUE; - } - |