1 files changed, 0 insertions, 62 deletions

diff --git a/network/thttpd/patches/additional-input-validation-httpd.c.diff b/network/thttpd/patches/additional-input-validation-httpd.c.diff
deleted file mode 100644
index 04f59eac8e..0000000000
--- a/network/thttpd/patches/additional-input-validation-httpd.c.diff
+++ /dev/null
@@ -1,62 +0,0 @@
---- thttpd-2.25b/extras/htpasswd.c.orig	2006-03-31 04:12:42.281317000 +0000
-+++ thttpd-2.25b/extras/htpasswd.c	2006-03-31 05:21:37.741632392 +0000
-@@ -151,6 +151,7 @@ void interrupted(int signo) {
- int main(int argc, char *argv[]) {
-     FILE *tfp,*f;
-     char user[MAX_STRING_LEN];
-+    char pwfilename[MAX_STRING_LEN];
-     char line[MAX_STRING_LEN];
-     char l[MAX_STRING_LEN];
-     char w[MAX_STRING_LEN];
-@@ -168,6 +169,25 @@ int main(int argc, char *argv[]) {
-             perror("fopen");
-             exit(1);
-         }
-+        if (strlen(argv[2]) > (sizeof(pwfilename) - 1)) {
-+            fprintf(stderr, "%s: filename is too long\n", argv[0]);
-+	    exit(1);
-+        }
-+        if (((strchr(argv[2], ';')) != NULL) || ((strchr(argv[2], '>')) != NULL)) {
-+	    fprintf(stderr, "%s: filename contains an illegal character\n",
-+		argv[0]);
-+	    exit(1);
-+        }
-+        if (strlen(argv[3]) > (sizeof(user) - 1)) {
-+	    fprintf(stderr, "%s: username is too long\n", argv[0],
-+		sizeof(user) - 1);
-+	    exit(1);
-+        }
-+        if ((strchr(argv[3], ':')) != NULL) {
-+            fprintf(stderr, "%s: username contains an illegal character\n",
-+                argv[0]);
-+            exit(1);
-+        }
-         printf("Adding password for %s.\n",argv[3]);
-         add_password(argv[3],tfp);
-         fclose(tfp);
-@@ -180,6 +200,25 @@ int main(int argc, char *argv[]) {
-         exit(1);
-     }
- 
-+    if (strlen(argv[1]) > (sizeof(pwfilename) - 1)) {
-+        fprintf(stderr, "%s: filename is too long\n", argv[0]);
-+        exit(1);
-+    }
-+    if (((strchr(argv[1], ';')) != NULL) || ((strchr(argv[1], '>')) != NULL)) {
-+        fprintf(stderr, "%s: filename contains an illegal character\n",
-+                argv[0]);
-+        exit(1);
-+    }
-+    if (strlen(argv[2]) > (sizeof(user) - 1)) {
-+        fprintf(stderr, "%s: username is too long\n", argv[0],
-+                sizeof(user) - 1);
-+        exit(1);
-+    }
-+    if ((strchr(argv[2], ':')) != NULL) {
-+        fprintf(stderr, "%s: username contains an illegal character\n",
-+                argv[0]);
-+        exit(1);
-+    }
-     if(!(f = fopen(argv[1],"r"))) {
-         fprintf(stderr,
-                 "Could not open passwd file %s for reading.\n",argv[1]);