--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/components/w3m/patches/03-istream.patch Fri Jan 23 08:59:19 2015 -0800
@@ -0,0 +1,65 @@
+# Copied over from the desktop consolidation, which has the comment:
+# date:2011-02-16 owner:liyuan type bug bugster:7008664
+# Bugster CR #7008664 is now BugDB CR #15688660
+# 15688660 SUNBT7008664-SOLARIS_11 CVE-2010-2074 w3m problems handling x.509 data
+#
+# This patch needs to be evaluated to see if it needs to be passed upstream.
+
+--- w3m-0.5.2/istream.c 2007-05-23 23:06:05.000000000 +0800
++++ w3m-0.5.3/istream.c 2011-01-04 17:22:22.000000000 +0800
+@@ -1,4 +1,4 @@
+-/* $Id: istream.c,v 1.26 2007/05/23 15:06:05 inu Exp $ */
++/* $Id: istream.c,v 1.27 2010/07/18 13:43:23 htrb Exp $ */
+ #include "fm.h"
+ #include "myctype.h"
+ #include "istream.h"
+@@ -447,8 +447,17 @@
+
+ if (!seen_dnsname)
+ seen_dnsname = Strnew();
++ /* replace \0 to make full string visible to user */
++ if (sl != strlen(sn)) {
++ int i;
++ for (i = 0; i < sl; ++i) {
++ if (!sn[i])
++ sn[i] = '!';
++ }
++ }
+ Strcat_m_charp(seen_dnsname, sn, " ", NULL);
+- if (ssl_match_cert_ident(sn, sl, hostname))
++ if (sl == strlen(sn) /* catch \0 in SAN */
++ && ssl_match_cert_ident(sn, sl, hostname))
+ break;
+ }
+ }
+@@ -466,16 +475,27 @@
+ if (match_ident == FALSE && ret == NULL) {
+ X509_NAME *xn;
+ char buf[2048];
++ int slen;
+
+ xn = X509_get_subject_name(x);
+
+- if (X509_NAME_get_text_by_NID(xn, NID_commonName,
+- buf, sizeof(buf)) == -1)
++ slen = X509_NAME_get_text_by_NID(xn, NID_commonName, buf, sizeof(buf));
++ if ( slen == -1)
+ /* FIXME: gettextize? */
+ ret = Strnew_charp("Unable to get common name from peer cert");
+- else if (!ssl_match_cert_ident(buf, strlen(buf), hostname))
++ else if (slen != strlen(buf)
++ || !ssl_match_cert_ident(buf, strlen(buf), hostname)) {
++ /* replace \0 to make full string visible to user */
++ if (slen != strlen(buf)) {
++ int i;
++ for (i = 0; i < slen; ++i) {
++ if (!buf[i])
++ buf[i] = '!';
++ }
++ }
+ /* FIXME: gettextize? */
+ ret = Sprintf("Bad cert ident %s from %s", buf, hostname);
++ }
+ else
+ match_ident = TRUE;
+ }