Origin: http://trac.networkupstools.org/projects/nut/changeset/3633
Description: Fix CVE-2012-2944: upsd can be remotely crashed
Index: nut-2.6.3/common/parseconf.c
===================================================================
--- nut-2.6.3.orig/common/parseconf.c 2011-10-04 02:06:25.000000000 -0500
+++ nut-2.6.3/common/parseconf.c 2012-05-30 13:29:41.000000000 -0500
@@ -171,6 +171,13 @@
 wbuflen = strlen(ctx->wordbuf);
+ /* CVE-2012-2944: only allow the subset Ascii charset from Space to ~ */
+ if ((ctx->ch < 0x20) || (ctx->ch > 0x7f)) {
+ fprintf(stderr, "addchar: discarding invalid character (0x%02x)!\n",
+ ctx->ch);
+ return;
+ }
+ if (ctx->wordlen_limit != 0) {
 if (wbuflen >= ctx->wordlen_limit) {
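Review bot: The upper bound in the added check, `ctx->ch > 0x7f`, still accepts 0x7f (DEL), although the comment directly above says the allowed range ends at `~` (0x7e); if DEL is not meant to reach the word buffer, the test should read `if ((ctx->ch < 0x20) || (ctx->ch > 0x7e)) {`. The `fprintf(stderr, ...)` runs once per rejected byte, and since the description says upsd is reachable remotely through this parser, a peer can presumably make the daemon write one message per byte it sends; reporting once per line or rate-limiting the message would bound that. The declared type of `ctx->ch` is not visible here: if it is a plain `char`, bytes above 0x7f are sign-extended before `%02x` formats them, so passing `(unsigned char)ctx->ch` would keep the logged value to two hex digits. The enclosing function begins and ends outside this hunk.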