[CVE-2009-0159] fix stack-based buffer overflow in ntpq

SVN-Revision: 16007

diff --git a/net/ntpd/Makefile b/net/ntpd/Makefile
index 81280db821009d9b951594993fca8ea7626dd6d9..d8620a57c0cba0560ba6a42b8a2ea30421baf590 100644 (file)
--- a/net/ntpd/Makefile
+++ b/net/ntpd/Makefile
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2006-2008 OpenWrt.org
+# Copyright (C) 2006-2009 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -10,10 +10,10 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ntp
 PKG_VERSION:=4.2.4p6
-PKG_RELEASE:=2
+PKG_RELEASE:=2.1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/
+PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
 PKG_MD5SUM:=1961c2c12b66b9046d5df37d0a41b181
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)

diff --git a/net/ntpd/patches/901-cve-2009-0159.patch b/net/ntpd/patches/901-cve-2009-0159.patch
new file mode 100644 (file)
index 0000000..89b588f
--- /dev/null
+++ b/net/ntpd/patches/901-cve-2009-0159.patch
@@ -0,0 +1,16 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
+
+--- a/ntpq/ntpq.c
++++ b/ntpq/ntpq.c
+@@ -3185,9 +3185,9 @@ cookedprint(
+                               if (!decodeuint(value, &uval))
+                                   output_raw = '?';
+                               else {
+-                                      char b[10];
++                                      char b[12];
+ 
+-                                      (void) sprintf(b, "%03lo", uval);
++                                      (void) snprintf(b, sizeof b, "%03lo", uval);
+                                       output(fp, name, b);
+                               }
+                               break;