pkgsrc-ng/net/nagios-base/patches/patch-cgi_avail.c

$NetBSD: patch-cgi_avail.c,v 1.1 2014/04/02 10:22:37 he Exp $

Fix off-by-one vulnerabilities, ref. http://secunia.com/advisories/55976/

--- cgi/avail.c.orig	2012-02-03 15:23:14.000000000 +0000
+++ cgi/avail.c
@@ -1141,7 +1141,6 @@ int process_cgivars(void) {
 
 		/* do some basic length checking on the variable identifier to prevent buffer overflows */
 		if(strlen(variables[x]) >= MAX_INPUT_BUFFER - 1) {
-			x++;
 			continue;
 			}