releasing version 2.17-6

git-svn-id: file:///srv/svn/joey/trunk/src/packages/bsdgames@12402 a4a2c43b-8ac3-0310-8836-e0e880c912e2

debian/changelog

@@ -1,3 +1,10 @@
+bsdgames (2.17-6) unstable; urgency=medium
+
+  * tetris-bsd: Apply patch from gentoo to fix input validation in score
+    reading code to avoid stack overflow, and . Closes: # (CVE-2006-1539)
+
+ -- Joey Hess <joeyh@debian.org>  Thu,  6 Apr 2006 18:58:10 -0400
+
 bsdgames (2.17-5) unstable; urgency=low
 
   * Deal with removal of wenglish package. Closes: #345975

tetris/scores.c

@@ -335,7 +335,8 @@ checkscores(hs, num)
 				continue;
 			}
 		}
-		levelfound[sp->hs_level] = 1;
+        if (sp->hs_level < NLEVELS && sp->hs_level >= 0)
+    		levelfound[sp->hs_level] = 1;
 		i++, sp++;
 	}
 	return (num > MAXHISCORES ? MAXHISCORES : num);
@@ -374,12 +375,14 @@ showscores(level)
 	for (i = MINLEVEL; i < NLEVELS; i++)
 		levelfound[i] = 0;
 	for (i = 0, sp = scores; i < nscores; i++, sp++) {
-		if (levelfound[sp->hs_level])
+        if (sp->hs_level < NLEVELS && sp->hs_level >= 0) {
-			sp->hs_time = 0;
+    		if (levelfound[sp->hs_level])
-		else {
+	    		sp->hs_time = 0;
-			sp->hs_time = 1;
+		    else {
-			levelfound[sp->hs_level] = 1;
+			    sp->hs_time = 1;
-		}
+		    	levelfound[sp->hs_level] = 1;
+		    }
+        }
 	}
 
 	/*
@@ -433,7 +436,7 @@ printem(level, offset, hs, n, me)
 				continue;
 			}
 			sp = &hs[item];
-			(void)sprintf(buf,
+			(void)snprintf(buf, sizeof(buf),
 			    "%3d%c %6d  %-11s (%6d on %d)",
 			    item + offset, sp->hs_time ? '*' : ' ',
 			    sp->hs_score * sp->hs_level,