From c555020003a5f8e6cc82485e14636119875e457e Mon Sep 17 00:00:00 2001
From: Richard Gallamore <ultima@FreeBSD.org>
Date: Sun, 1 Sep 2019 22:48:46 +0000
Subject: [PATCH] Fix stack overflow that can occur in libevhtp

libevhtp allocates a stack based on data length
when C99 is detected at compile time. There are
no checks to verify that the stack is big enough
which can cause a stack overflow.

Adding EVHTP_HAS_C99=false at compile time changes
this behavior by allocate to a buffer which has
proper checks in place.

More information about this bug can be found at:
https://github.com/criticalstack/libevhtp/issues/118
https://github.com/haiwen/seafile/issues/1928

MFH:		2019Q3


git-svn-id: svn+ssh://svn.freebsd.org/ports/head@510747 35697150-7ecd-e111-bb59-0022644237b5
---
 www/libevhtp/Makefile | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/www/libevhtp/Makefile b/www/libevhtp/Makefile
index 21ed6901e71e..261061850e72 100644
--- a/www/libevhtp/Makefile
+++ b/www/libevhtp/Makefile
@@ -2,7 +2,7 @@
 
 PORTNAME=	libevhtp
 PORTVERSION=	1.2.16
-PORTREVISION=	3
+PORTREVISION=	4
 CATEGORIES=	www
 
 MAINTAINER=	ultima@FreeBSD.org
@@ -19,7 +19,8 @@ USE_GITHUB=	yes
 GH_ACCOUNT=	criticalstack
 
 CMAKE_ARGS=	-DCMAKE_INCLUDE_PATH:PATH=include/event2 \
-		-DCMAKE_LIBRARY_PATH:PATH=lib/event2
+		-DCMAKE_LIBRARY_PATH:PATH=lib/event2 \
+		-DEVHTP_HAS_C99:BOOL=FALSE
 
 PLIST_SUB=	PORTVERSION=${PORTVERSION}