--- nanohttp.c.orig 2004-03-22 08:54:58.000000000 -0600
+++ nanohttp.c 2004-10-27 04:42:38.000000000 -0500
@@ -1065,11 +1072,21 @@
 for (res = result; res; res = res->ai_next) {
 if (res->ai_family == AF_INET || res->ai_family == AF_INET6) {
 if (res->ai_family == AF_INET6) {
+ if (res->ai_addrlen > sizeof(sockin6)) {
+ __xmlIOErr(XML_FROM_HTTP, 0, "address size mismatch\n");
+ freeaddrinfo (result);
+ return (-1);
+ }
 memcpy (&sockin6, res->ai_addr, res->ai_addrlen);
 sockin6.sin6_port = htons (port);
 addr = (struct sockaddr *)&sockin6;
 } else {
+ if (res->ai_addrlen > sizeof(sockin)) {
+ __xmlIOErr(XML_FROM_HTTP, 0, "address size mismatch\n");
+ freeaddrinfo (result);
+ return (-1);
+ }
 memcpy (&sockin, res->ai_addr, res->ai_addrlen);
 sockin.sin_port = htons (port);
 addr = (struct sockaddr *)&sockin;
@@ -1134,6 +1151,10 @@
 for (i = 0; h->h_addr_list[i]; i++) {
 if (h->h_addrtype == AF_INET) {
 /* A records (IPv4) */
+ if ((unsigned int) h->h_length > sizeof(ia)) {
+ __xmlIOErr(XML_FROM_HTTP, 0, "address size mismatch\n");
+ return (-1);
+ }
 memcpy (&ia, h->h_addr_list[i], h->h_length);
 sockin.sin_family = h->h_addrtype;
 sockin.sin_addr = ia;
@@ -1142,6 +1163,10 @@
 #ifdef SUPPORT_IP6
 } else if (have_ipv6 () && (h->h_addrtype == AF_INET6)) {
 /* AAAA records (IPv6) */
+ if ((unsigned int) h->h_length > sizeof(ia6)) {
+ __xmlIOErr(XML_FROM_HTTP, 0, "address size mismatch\n");
+ return (-1);
+ }
 memcpy (&ia6, h->h_addr_list[i], h->h_length);
 sockin6.sin6_family = h->h_addrtype;
 sockin6.sin6_addr = ia6;
--- nanoftp.c.orig 2004-02-10 07:00:45.000000000 -0600
+++ nanoftp.c 2004-11-30 15:41:25.000000000 -0600
@@ -195,7 +195,7 @@
 proxyPort = 21;
 env = getenv("no_proxy");
- if (env != NULL)
+ if (env && ((env[0] == '*' ) && (env[1] == 0)))
 return;
 env = getenv("ftp_proxy");
 if (env != NULL) {
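Review bot: The length checks added in the first nanohttp.c hunk (`res->ai_addrlen > sizeof(sockin6)` and its `sockin` twin) bound the copy from above only, so a resolver-supplied length that is too short still reaches `memcpy` and fills just part of the structure. Whether `sockin6` and `sockin` are zeroed before the loop is not visible, since the enclosing function starts and ends outside the hunk; if they are not, `memset (&sockin6, 0, sizeof(sockin6));` ahead of the copy keeps stale bytes from an earlier iteration out of the address used afterwards. The same upper-bound-only pattern recurs in the two gethostbyname hunks of nanohttp.c and in the nanoftp.c address checks, where the expected size is fixed per address family and a stricter test such as `if ((size_t) h->h_length != sizeof(ia))` would also reject short records.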
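Review bot: `h->h_length` and `h->h_addrtype` are fields of the hostent as a whole, not of the individual `h_addr_list` entries, so the size checks placed inside the `for (i = 0; h->h_addr_list[i]; i++)` loop in the -1134 and -1142 hunks of nanohttp.c re-test a loop-invariant value on every pass. Validating the length once before the loop would read more clearly and leave the per-address body to the copy alone. A short comment such as `/* h_length comes from the resolver; never copy more than the local address struct holds */` would also record why the check is there. The loop and its function continue outside both hunks.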
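Review bot: In the nanoftp.c hunk at -195 the early return now fires only when `no_proxy` is exactly `*`, so any other value, for example a host list, falls through and the `ftp_proxy` setting is applied. Before this change every non-NULL `no_proxy` disabled the proxy; unless per-host matching against `no_proxy` happens elsewhere in the file (not visible in this hunk), connections to hosts the user meant to exempt will now be sent through the proxy, and FTP carries credentials in clear text. The change is unrelated to the address-length fixes in the rest of the patch and deserves its own comment, e.g. `/* "*" disables the proxy for every host; other no_proxy values are not interpreted here */`.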
@@ -355,8 +355,13 @@ if (cur[0] == '[') { cur++; - while (cur[0] != ']') + while ((cur[0] != ']') && (indx < XML_NANO_MAX_URLBUF-1)) buf[indx++] = *cur++; + if (indx >= XML_NANO_MAX_URLBUF-1) { + xmlGenericError(xmlGenericErrorContext, + "\nxmlNanoFTPScanURL: %s", "Syntax Error\n"); + return; + } if (!strchr (buf, ':')) { xmlGenericError (xmlGenericErrorContext, "\nxmlNanoFTPScanURL: %s", @@ -604,8 +609,14 @@ if (cur[0] == '[') { cur++; - while (cur[0] != ']') + while ((cur[0] != ']') && (indx < XML_NANO_MAX_URLBUF-1)) buf[indx++] = *cur++; + if (indx >= XML_NANO_MAX_URLBUF-1) { + xmlGenericError (xmlGenericErrorContext, + "\nxmlNanoFTPScanProxy: %s", "Syntax error\n"); + return; + } + if (!strchr (buf, ':')) { xmlGenericError (xmlGenericErrorContext, "\nxmlNanoFTPScanProxy: %s", "Use [IPv6]/IPv4 format\n"); @@ -1095,9 +1106,13 @@ if (!tmp) { if (result) freeaddrinfo (result); + __xmlIOErr(XML_FROM_FTP, 0, "getaddrinfo failed"); + return (-1); + } + if (tmp->ai_addrlen > sizeof(ctxt->ftpAddr)) { + __xmlIOErr(XML_FROM_FTP, 0, "gethostbyname address mismatch"); return (-1); } - else { if (tmp->ai_family == AF_INET6) { memcpy (&ctxt->ftpAddr, tmp->ai_addr, tmp->ai_addrlen); ((struct sockaddr_in6 *) &ctxt->ftpAddr)->sin6_port = htons (port); @@ -1111,7 +1126,6 @@ addrlen = tmp->ai_addrlen; freeaddrinfo (result); } - } else #endif { @@ -1123,6 +1137,11 @@ __xmlIOErr(XML_FROM_FTP, 0, "gethostbyname failed"); return (-1); } + if ((unsigned int) hp->h_length > + sizeof(((struct sockaddr_in *)&ctxt->ftpAddr)->sin_addr)) { + __xmlIOErr(XML_FROM_FTP, 0, "gethostbyname address mismatch"); + return (-1); + } /* * Prepare the socket
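Review bot: The bounded loop added in the xmlNanoFTPScanURL hunk (`while ((cur[0] != ']') && (indx < XML_NANO_MAX_URLBUF-1))`) has no visible test for the end of the input string, so a URL containing `[` without a closing `]` keeps reading past the terminating NUL until the buffer limit is reached. The write is now bounded but the read is not; adding the terminator to the condition, `while ((cur[0] != 0) && (cur[0] != ']') && (indx < XML_NANO_MAX_URLBUF-1))`, and treating a missing `]` as the same syntax error closes that gap. The xmlNanoFTPScanProxy hunk at -604 has the identical loop and needs the same change. Whether `buf` is NUL-terminated before the `strchr (buf, ':')` call that follows is not visible in either hunk and is worth confirming.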
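Review bot: The new `tmp->ai_addrlen > sizeof(ctxt->ftpAddr)` branch in the -1095 hunk returns without calling `freeaddrinfo (result)`, so the address list is leaked on that path; the `!tmp` branch just above it and the matching checks in nanohttp.c both free the list first. Add `freeaddrinfo (result);` before that branch's `return (-1);`. The message there reads "gethostbyname address mismatch" although this is the getaddrinfo path, which will mislead whoever reads the error; `"getaddrinfo address mismatch"` would agree with the "getaddrinfo failed" message added a few lines earlier. The enclosing function starts and ends outside the hunk.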