Module Name: src
Committed By: riz
Date: Mon Jul 19 18:14:09 UTC 2010
Modified Files:
src/crypto/dist/ssh [netbsd-5]: sftp-glob.c sftp.c
src/lib/libc/gen [netbsd-5]: glob.3 glob.c
Log Message:
Pull up following revision(s) (requested by christos in ticket #1430):
lib/libc/gen/glob.c: revision 1.25
lib/libc/gen/glob.c: revision 1.26
lib/libc/gen/glob.3: revision 1.37
crypto/dist/ssh/sftp.c: patch
crypto/dist/ssh/sftp-glob.c: patch
Add GLOB_LIMIT to the glob calls to prevent DoS attacks.
Apply more limits to GLOB_LIMIT, number of stat(2) calls from me and number
of readdir(3) calls from Maksymilian Arciemowicz. Also reduce the memory
used by matches strings from Maksymilian Arciemowicz.
Avoid DoS attacks for patterns that have braces. Noted by Maksymilian
Arciemowicz.
XXX: Pullup to 5.x
To generate a diff of this commit:
cvs rdiff -u -r1.13 -r1.13.24.1 src/crypto/dist/ssh/sftp-glob.c
cvs rdiff -u -r1.23 -r1.23.8.1 src/crypto/dist/ssh/sftp.c
cvs rdiff -u -r1.32 -r1.32.8.1 src/lib/libc/gen/glob.3
cvs rdiff -u -r1.23 -r1.23.4.1 src/lib/libc/gen/glob.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
