wget/wget-1.10.2-CVE-2006-6719.patch

16 lines
579 B
Diff
Raw Permalink Normal View History

Fixes NULL pointer dereference (CVE-2006-6719) (bz #221483)
--- wget-1.10.2/src/ftp-basic.c.orig 2007-01-04 19:30:31.000000000 +0100
+++ wget-1.10.2/src/ftp-basic.c 2007-01-04 19:31:48.000000000 +0100
@@ -1038,7 +1038,9 @@ ftp_syst (int csock, enum stype *server_
first word of the server response)? */
request = strtok (NULL, " ");
- if (!strcasecmp (request, "VMS"))
+ if (request == NULL)
+ *server_type = ST_OTHER;
+ else if (!strcasecmp (request, "VMS"))
*server_type = ST_VMS;
else if (!strcasecmp (request, "UNIX"))
*server_type = ST_UNIX;