Received: by mail.netbsd.org (Postfix, from userid 0) id 40AEA63B104; Thu, 5 Aug 2010 01:43:23 +0000 (UTC) Received: from cvs.netbsd.org (cvs.NetBSD.org [IPv6:2001:4f8:3:7:2e0:81ff:fe30:95bd]) by mail.netbsd.org (Postfix) with ESMTP id CB33C63B100 for ; Thu, 5 Aug 2010 01:43:21 +0000 (UTC) Received: by cvs.netbsd.org (Postfix, from userid 500) id 932C7175DF; Thu, 5 Aug 2010 01:43:21 +0000 (UTC) MIME-Version: 1.0 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain Date: Thu, 5 Aug 2010 01:43:21 +0000 From: Jeff Rizzo Subject: CVS commit: [netbsd-4] src To: source-changes@NetBSD.org X-Mailer: log_accum Message-Id: <20100805014321.932C7175DF@cvs.netbsd.org> Sender: source-changes-owner@NetBSD.org List-Id: source-changes.NetBSD.org Precedence: list Reply-To: source-changes-d@NetBSD.org Mail-Reply-To: Jeff Rizzo Mail-Followup-To: source-changes-d@NetBSD.org Module Name: src Committed By: riz Date: Thu Aug 5 01:43:21 UTC 2010 Modified Files: src/crypto/dist/ssh [netbsd-4]: sftp-glob.c sftp.c src/lib/libc/gen [netbsd-4]: glob.3 glob.c Log Message: Pull up following revision(s) (requested by christos in ticket #1399): lib/libc/gen/glob.c: patch lib/libc/gen/glob.3: revision 1.37 via patch crypto/dist/ssh/sftp.c: patch crypto/dist/ssh/sftp-glob.c: patch Add GLOB_LIMIT to the glob calls to prevent DoS attacks. Apply more limits to GLOB_LIMIT, number of stat(2) calls from me and number of readdir(3) calls from Maksymilian Arciemowicz. Also reduce the memory used by matches strings from Maksymilian Arciemowicz. To generate a diff of this commit: cvs rdiff -u -r1.13 -r1.13.2.1 src/crypto/dist/ssh/sftp-glob.c cvs rdiff -u -r1.21 -r1.21.2.1 src/crypto/dist/ssh/sftp.c cvs rdiff -u -r1.30 -r1.30.4.1 src/lib/libc/gen/glob.3 cvs rdiff -u -r1.18 -r1.18.2.1 src/lib/libc/gen/glob.c Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.