wget/wget-CVE-2006-6719.patch

17 lines
505 B
Diff

Fixes NULL pointer dereference (CVE-2006-6719)
================================================================================
--- src/ftp-basic.c
+++ src/ftp-basic.c
@@ -1039,7 +1039,9 @@
first word of the server response)? */
request = strtok (NULL, " ");
- if (!strcasecmp (request, "VMS"))
+ if (request == NULL)
+ *server_type = ST_OTHER;
+ else if (!strcasecmp (request, "VMS"))
*server_type = ST_VMS;
else if (!strcasecmp (request, "UNIX"))
*server_type = ST_UNIX;