From 78b054312b6c6e22a862c94d7a544f44c5161eb3 Mon Sep 17 00:00:00 2001
From: Laurent Bercot <ska-adelie@skarnet.org>
Date: Thu, 21 May 2020 11:41:37 +0000
Subject: user/netqmail: fix CVE-2005-1513

---
 user/netqmail/0005-CVE-2005-1513.patch | 19 +++++++++++++++++++
 1 file changed, 19 insertions(+)
 create mode 100644 user/netqmail/0005-CVE-2005-1513.patch

(limited to 'user/netqmail/0005-CVE-2005-1513.patch')

diff --git a/user/netqmail/0005-CVE-2005-1513.patch b/user/netqmail/0005-CVE-2005-1513.patch
new file mode 100644
index 000000000..3b3876cb3
--- /dev/null
+++ b/user/netqmail/0005-CVE-2005-1513.patch
@@ -0,0 +1,19 @@
+diff -rNU3 netqmail-1.06.old/alloc.c netqmail-1.06/alloc.c
+--- netqmail-1.06.old/alloc.c	1998-06-15 10:53:16.000000000 +0000
++++ netqmail-1.06/alloc.c	2020-05-21 11:33:24.689739728 +0000
+@@ -1,3 +1,4 @@
++#include <limits.h>
+ #include "alloc.h"
+ #include "error.h"
+ extern char *malloc();
+@@ -15,6 +16,10 @@
+ unsigned int n;
+ {
+   char *x;
++  if (n >= (INT_MAX >> 3)) {
++    errno = error_nomem;
++    return 0;
++  }
+   n = ALIGNMENT + n - (n & (ALIGNMENT - 1)); /* XXX: could overflow */
+   if (n <= avail) { avail -= n; return space + avail; }
+   x = malloc(n);
-- 
cgit v1.2.3-70-g09d2