Mario Sergio Fujikawa Ferreira ab5f0a8e59 Fix following security issue: "If a string of longer than approximately ... 2048 characters is sent to the qpopper process, a denial of service condition will occur" Actually, this is caused by an incorrect assumption. qpopper uses the same buffer over and over when communicating. However, it never makes sure that the buffer has been updated if something goes wrong. Therefore, one can try to add to this buffer over and over; thus, consuming available resources. Solution, do not follow unofficial patch available in bugtraq mailing list since losing pointer references is not an option. Otherwise, change the way both getline and tgetline functions work. Just so that they resemble read(2) return codes as follows: 1) if < 0 problem 2) if >= 0 user typed something (enter without anything else is something) First patch sent by Isao SEKI <iseki@gongon.com> PR: 36326 Prompted by: Alessandro de Manzano <ale@unixmania.net>, Isao SEKI <iseki@gongon.com> Reviewed by: eivind, Alessandro de Manzano <ale@unixmania.net>, David Rufino <dr@soniq.net>, Isao SEKI <iseki@gongon.com>		2002-03-31 08:20:28 +00:00
..
files	Fix following security issue: "If a string of longer than approximately	2002-03-31 08:20:28 +00:00
scripts	Use a "q"-prefix everywhere, to avoid conflicts with the popper	2000-07-19 07:31:26 +00:00
distinfo	Chase Makefile rev 1.58 update and update ipv6 patch in sync	2001-06-02 23:31:06 +00:00
Makefile	Fix following security issue: "If a string of longer than approximately	2002-03-31 08:20:28 +00:00
pkg-comment
pkg-descr	Add a WWW.	2000-05-23 08:56:48 +00:00
pkg-install	1) instead of "stealthly" installing a file with a user list that	2001-10-05 03:48:34 +00:00
pkg-message	Fix the qpopper path in pkg-message. It is now properly replaced	2001-03-30 13:15:38 +00:00
pkg-plist	1) instead of "stealthly" installing a file with a user list that	2001-10-05 03:48:34 +00:00
pkg-req