#! /bin/sh /usr/share/dpatch/dpatch-run
# Description: fix denial of service and possible arbitrary code
#  execution via long SNMP response
# Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=610960
# Author: Sebastian Krahmer

@DPATCH@
diff -urNad '--exclude=CVS' '--exclude=.svn' '--exclude=.git' '--exclude=.arch' '--exclude=.hg' '--exclude=_darcs' '--exclude=.bzr' hplip-3.11.1~/io/hpmud/pml.c hplip-3.11.1/io/hpmud/pml.c
--- hplip-3.11.1~/io/hpmud/pml.c	2011-01-19 00:18:21.000000000 -0500
+++ hplip-3.11.1/io/hpmud/pml.c	2011-01-24 13:20:25.000000000 -0500
@@ -504,6 +504,8 @@
       p += 2;                               /* eat type and length */
    }
    
+   if (dLen > buf_size)
+      dLen = buf_size;
    memcpy(buf, p, dLen);
    *bytes_read = dLen; 
    *type = dt;