From: Nicolas Thill
Date: Sat, 23 May 2009 02:36:44 +0000 (+0000)
Subject: fix stack-based buffer overflow in ntpq
X-Git-Url: http://git.openwrt.org/?a=commitdiff_plain;h=5afbedd7479c5d41804c146528c72ddfcbb795f7;p=openwrt%2Fsvn-archive%2Fpackages.git

fix stack-based buffer overflow in ntpq

SVN-Revision: 16007
---

diff --git a/net/ntpd/Makefile b/net/ntpd/Makefile
index 81280db82..d8620a57c 100644
--- a/net/ntpd/Makefile
+++ b/net/ntpd/Makefile
@@ -1,5 +1,5 @@
 #
-# Copyright (C) 2006-2008 OpenWrt.org
+# Copyright (C) 2006-2009 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@@ -10,10 +10,10 @@ include $(TOPDIR)/rules.mk
 
 PKG_NAME:=ntp
 PKG_VERSION:=4.2.4p6
-PKG_RELEASE:=2
+PKG_RELEASE:=2.1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
-PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/
+PKG_SOURCE_URL:=http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/
 PKG_MD5SUM:=1961c2c12b66b9046d5df37d0a41b181
 
 PKG_BUILD_DIR:=$(BUILD_DIR)/$(PKG_NAME)-$(PKG_VERSION)
diff --git a/net/ntpd/patches/901-cve-2009-0159.patch b/net/ntpd/patches/901-cve-2009-0159.patch
new file mode 100644
index 000000000..89b588f81
--- /dev/null
+++ b/net/ntpd/patches/901-cve-2009-0159.patch
@@ -0,0 +1,16 @@
+http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
+
+--- a/ntpq/ntpq.c
++++ b/ntpq/ntpq.c
+@@ -3185,9 +3185,9 @@ cookedprint(
+ if (!decodeuint(value, &uval))
+ output_raw = '?';
+ else {
+- char b[10];
++ char b[12];
+
+- (void) sprintf(b, "%03lo", uval);
++ (void) snprintf(b, sizeof b, "%03lo", uval);
+ output(fp, name, b);
+ }
+ break;
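Review bot: The new `char b[12];` in the embedded ntpq.c hunk holds exactly 11 octal digits plus the terminator, which covers `%03lo` only when the argument is 32 bits wide. The declaration of `uval` is outside the hunk, but the `%lo` conversion suggests `unsigned long`; on a target where that is 64 bits a large value would need up to 22 digits, so `snprintf` now truncates it instead of overflowing the stack, and the `(void)` cast discards the only indication that this happened. Sizing the buffer from the type removes the dependency on word size: `char b[(sizeof uval * CHAR_BIT + 2) / 3 + 1];` (needs `<limits.h>`), or else check the return value against `sizeof b` and fall back to `output_raw = '?'` as the branch above does. The patch file's header is only the CVE URL; a one-line comment such as `ntpq: bound the octal formatting buffer in cookedprint()` would tell the next maintainer what to look for when the package version is bumped and the patch has to be re-evaluated.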