[24939] in bugtraq
Icecast temp patch (OR: Patches? We DO need stinkin' patches!!@$!)
daemon@ATHENA.MIT.EDU (Neeko Oni)
Wed Apr 3 19:44:49 2002
From: Neeko Oni <neeko@haackey.com>
Message-Id: <200204032042.g33Kg4Vh001443@haackey.com>
To: bugtraq@securityfocus.com
Date: Wed, 3 Apr 2002 12:42:03 -0800 (PST)
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="%--multipart-mixed-boundary-1.1430.1017866523--%"
--%--multipart-mixed-boundary-1.1430.1017866523--%
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
This addresses the client_login() Icecast issue:
For those who have a burning need to 'patch < patch', or just don't
want to type three lines into client.c, I've attached a small
patch to client.c (Icecast 1.3.11).
Simplicity is thy name.
(More specific: It's the suggested patch in the icx.c exploit, with
an added logging flag.)
Thanks to Diz for making this public.
.Neeko Oni
--%--multipart-mixed-boundary-1.1430.1017866523--%
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Content-Description: ASCII text
Content-Disposition: attachment; filename="ice-patch"
--- client.c Wed Aug 1 16:06:53 2001
+++ src/client.c Wed Apr 3 12:36:23 2002
@@ -103,6 +103,11 @@
xa_debug(3, "Client login...\n");
+ if (strlen(expr) > 8000) {
+ write_log(LOG_DEFAULT, "WARNING: expr greater than 8000--possible BOF attack?");
+ return;
+}
+
if (!con || !expr) {
write_log(LOG_DEFAULT, "WARNING: client_login called with NULL pointer");
return;
--%--multipart-mixed-boundary-1.1430.1017866523--%--
