From f9d475421f6dfbc7e79ad1f61af0f691bc9aa338 Mon Sep 17 00:00:00 2001 From: Jordi Mallach Date: Sat, 2 Sep 2006 11:18:00 +0000 Subject: [PATCH] Check that pnum < 0, not <= for IN_LVL, probably an oversight in the 2006-09-02 Jordi Mallach * src/tetrinet.c: Check that pnum < 0, not <= for IN_LVL, probably an oversight in the security patch. * doc/gtetrinet.6: Patch from Nelson A. de Oliveira to correct some minor bugs in the manpage (Debian Bug#325662). * NEWS: Updated for 0.7.10. --- ChangeLog | 7 ++++++- NEWS | 11 +++++++++++ src/tetrinet.c | 2 +- 3 files changed, 18 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index bc15dea..001fc61 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,8 +1,13 @@ 2006-09-02 Jordi Mallach + * src/tetrinet.c: Check that pnum < 0, not <= for IN_LVL, + probably an oversight in the security patch. + * doc/gtetrinet.6: Patch from Nelson A. de Oliveira to correct some minor bugs in the manpage (Debian Bug#325662). + * NEWS: Updated for 0.7.10. + 2006-08-17 Jordi Mallach * src/tetrinet.c: [CVE-2006-3125] Add index underflow protections @@ -44,7 +49,7 @@ * src/client.c: Patch from Julien Plissonneau Duquène to fix network latency. - * NEWS: pdate for 0.7.9. + * NEWS: Update for 0.7.9. 2005-04-15 Dani Carbonell diff --git a/NEWS b/NEWS index 51ef27e..e74d410 100644 --- a/NEWS +++ b/NEWS @@ -1,3 +1,14 @@ +GTetrinet 0.7.10 - 2006-09-02 +- SECURITY RELEASE -- Ref. CVE-2006-3125 +- Add index undeflow protections in network code. +- Require GTK+ 2.6.0. +- Fixed manpage typos. +- Require new intltool and move ALL_LINGUAS to po/LINGUAS. +- New and updated translations: Bulgarian (Alexander Shopov), + Basque (Iñaki Larrañaga), Traditional Chinese (Abel Cheung), + German (Jens Seidel), Nepali (Pawal Chitrakar), Finnish (Ilkka Tuohela), + Vietnamese (Clytie Siddall). + GTetrinet 0.7.9 - 2005-04-29 - Revamped encoding of data handling, fixing the output in partyline, etc. when using UTF-8 locales (Vidar Holen). diff --git a/src/tetrinet.c b/src/tetrinet.c index 8472643..297b34f 100644 --- a/src/tetrinet.c +++ b/src/tetrinet.c @@ -737,7 +737,7 @@ void tetrinet_inmessage (enum inmsg_type msgtype, char *data) token = strtok (data, " "); if (token == NULL) break; pnum = atoi (token); - if (pnum >= MAX_PLAYERS || pnum <= 0) + if (pnum >= MAX_PLAYERS || pnum < 0) break; token = strtok (NULL, ""); if (token == NULL) break; -- 2.50.1