# CVE-2011-4862
Final Project for Security and Privacy CS 600.443 | Fall 2018
I originally tried to use diff to make a patch. I patched it the way I thought it would be, before looking at the real patch. encrypt.patch is this original patch that I made with the diff. However, when we tried applying this patch to FreeBSD, it would not accept it.
Instead, I had to fetch the real patch. I then changed the patch to implement the fix the way I originally thought it should. This works because it puts the whole path into the patch.
In the patch, I simply check the length compared to MAXLENGTH. If it's bigger than that, set it to 0. This way, it falls into the case of len = 0, which errors out. This fixes it!
Here is an explanation of how to apply a patch in FreeBSD: https://www.freebsd.org/security/advisories/FreeBSD-SA-11:08.telnetd.asc

Simply use this patch instead of fetching the real one. It will work, and you will no longer be able to exploit the buffer overflow.
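The length check described above, written out as an added sketch. This is not the project's patch.c and not FreeBSD's source: `struct key_state`, `set_keyid` and `try_len` are hypothetical names, the value 64 for `MAXLENGTH` is an assumption, and the negative-length guard goes beyond what the README describes.

```c
#include <stddef.h>
#include <string.h>

#define MAXLENGTH 64   /* assumed size; the README names only MAXLENGTH */

/* Hypothetical, simplified stand-in for the daemon's stored key-id state. */
struct key_state {
    unsigned char keyid[MAXLENGTH];
    int keylen;
    int failed;        /* set when the empty-key-id failure path runs */
};

/*
 * Model of the key-id handler with the README's fix: a length above
 * MAXLENGTH is forced to 0, so the request takes the existing
 * "len == 0" failure path and nothing is copied.
 * Returns 0 when the key id is stored, -1 when it is rejected.
 */
int set_keyid(struct key_state *ks, const unsigned char *keyid, int len)
{
    /* The bounds check; "len < 0" is an extra guard added in this sketch. */
    if (len < 0 || len > MAXLENGTH)
        len = 0;

    if (len == 0) {                    /* empty option: treated as a failure */
        ks->keylen = 0;
        ks->failed = 1;
        return -1;
    }

    if (len != ks->keylen || memcmp(keyid, ks->keyid, (size_t)len) != 0) {
        memcpy(ks->keyid, keyid, (size_t)len);  /* len is 1..MAXLENGTH here */
        ks->keylen = len;
    }
    ks->failed = 0;
    return 0;
}

/* Feed one constructed key id of the given length into a fresh state. */
int try_len(int len)
{
    static unsigned char input[4 * MAXLENGTH];  /* constructed sample input */
    struct key_state ks;
    memset(&ks, 0, sizeof ks);
    memset(input, 0x41, sizeof input);
    return set_keyid(&ks, input, len);
}

int main(void)
{
    /* Exit status 0 only if both boundary lengths behave as expected. */
    return !(try_len(MAXLENGTH) == 0 && try_len(MAXLENGTH + 1) == -1);
}
```

A key id of exactly `MAXLENGTH` bytes is still accepted; anything longer is rejected through the same path as an empty key id.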
[4.0K] /data/pocs/e8f1d04698473b14e24a1fa78cd59b4845191746
├── [ 713] patch.c
└── [ 980] README.md
0 directories, 2 files