freebsd-ports/archivers/lha/files/patch-dir_length_bounds_check

--- src/header.c	2002-07-19 17:23:58.000000000 +0900
+++ src/header.c	2004-06-16 09:49:23.000000000 +0900
@@ -648,8 +648,17 @@
 	}
 
 	if (dir_length) {
+		if ((dir_length + name_length) >= sizeof(dirname)) {
+			fprintf(stderr, "Insufficient buffer size\n");
+			exit(112);
+		}
 		strcat(dirname, hdr->name);
-		strcpy(hdr->name, dirname);
+
+		if ((dir_length + name_length) >= sizeof(hdr->name)) {
+			fprintf(stderr, "Insufficient buffer size\n");
+			exit(112);
+		}
+		strncpy(hdr->name, dirname, sizeof(hdr->name));
 		name_length += dir_length;
 	}
- Security fix Submitted by: eik Approved by: portmgr (eik) Obtained from: redhat 2004-09-04 21:28:25 +02:00			`--- src/header.c 2002-07-19 17:23:58.000000000 +0900`
			`+++ src/header.c 2004-06-16 09:49:23.000000000 +0900`
			`@@ -648,8 +648,17 @@`
			`}`

			`if (dir_length) {`
- Security Fix possible off by one bounds check Submitted by: Munehiro Matsuda Approved by: portmgr (marcus) 2004-09-22 08:16:54 +02:00			`+ if ((dir_length + name_length) >= sizeof(dirname)) {`
- Security fix Submitted by: eik Approved by: portmgr (eik) Obtained from: redhat 2004-09-04 21:28:25 +02:00			`+ fprintf(stderr, "Insufficient buffer size\n");`
			`+ exit(112);`
			`+ }`
			`strcat(dirname, hdr->name);`
			`- strcpy(hdr->name, dirname);`
			`+`
- Security Fix possible off by one bounds check Submitted by: Munehiro Matsuda Approved by: portmgr (marcus) 2004-09-22 08:16:54 +02:00			`+ if ((dir_length + name_length) >= sizeof(hdr->name)) {`
- Security fix Submitted by: eik Approved by: portmgr (eik) Obtained from: redhat 2004-09-04 21:28:25 +02:00			`+ fprintf(stderr, "Insufficient buffer size\n");`
			`+ exit(112);`
			`+ }`
			`+ strncpy(hdr->name, dirname, sizeof(hdr->name));`
			`name_length += dir_length;`
			`}`