sources/wu-ftpd-realpath.patch

   1 A vulnerability has been found in the current versions of wu-ftpd, follow
   2 the links from http://www.wu-ftpd.org/ for details.
   3
   4 Included below is a patch for CAN-2003-0466 to be applied to wu-ftpd 2.6.2.
   5
   6 --- src/realpath.c.orig Mon Aug  4 11:20:19 2003
   7 +++ src/realpath.c      Mon Aug  4 11:23:22 2003
   8 @@ -299,7 +299,7 @@
   9         rootd = 0;
  10
  11      if (*wbuf) {
  12 -       if (strlen(resolved) + strlen(wbuf) + rootd + 1 > MAXPATHLEN) {
  13 +       if (strlen(resolved) + strlen(wbuf) + !rootd + 1 > MAXPATHLEN) {
  14             errno = ENAMETOOLONG;
  15             goto err1;
  16         }
  17