--- ntpd/ntp_control.c.old Fri Apr 6 10:16:59 2001
+++ ntpd/ntp_control.c Fri Apr 6 11:18:33 2001
@@ -1782,7 +1782,7 @@
 * Delete leading commas and white space
 */
 while (reqpt < reqend && (*reqpt == ',' ||
- isspace((int)*reqpt)))
+ isspace((unsigned char)*reqpt)))
 reqpt++;
 if (reqpt >= reqend)
 return (0);
@@ -1805,7 +1805,7 @@
 tp++;
 }
 if ((*tp == '\0') || (*tp == '=')) {
- while (cp < reqend && isspace((int)*cp))
+ while (cp < reqend && isspace((unsigned char)*cp))
 cp++;
 if (cp == reqend || *cp == ',') {
 buf[0] = '\0';
@@ -1819,15 +1819,26 @@
 cp++;
 tp = buf;
 while (cp < reqend &&
- isspace((int)*cp))
+ isspace((unsigned char)*cp))
 cp++;
- while (cp < reqend && *cp !=
- ',')
- *tp++ = *cp++;
+ while (cp < reqend && *cp != ',') {
+ *tp++ = *cp++;
+ if (tp >= buf + sizeof(buf)) {
+// msyslog(LOG_WARNING, "Attempted \"ntpdx\" exploit from IP %d.%d.%d.%d:%d (possibly spoofed)\n",
+// (ntohl(rmt_addr->sin_addr.s_addr) >> 24) & 0xff,
+// (ntohl(rmt_addr->sin_addr.s_addr) >> 16) & 0xff,
+// (ntohl(rmt_addr->sin_addr.s_addr) >> 8) & 0xff,
+// (ntohl(rmt_addr->sin_addr.s_addr) >> 0) & 0xff,
+// ntohs(rmt_addr->sin_port)
+//);
+
+ return (0);
+ }
+ }
 if (cp < reqend)
 cp++;
 *tp = '\0';
- while (isspace((int)(*(tp-1))))
+ while (tp != buf && isspace((unsigned char)(*(tp-1))))
 *(--tp) = '\0';
 reqpt = cp;
 *data = buf;
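Review bot: The reason for the `(unsigned char)` cast on the `isspace()` argument is not recorded anywhere, so a later cleanup could easily revert it to `(int)`. The same cast appears in the second hunk and twice in the third. These bytes come from the request packet, and where plain `char` is signed a byte of 0x80 or above becomes a negative `int`, which is outside the domain `isspace()` is defined for. A one-line comment at the first loop would be enough, for example `/* request bytes may be >= 0x80: cast to unsigned char before <ctype.h> calls */`.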
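Review bot: The new bounds check in the value-copy loop drops an oversized value silently, because the `msyslog()` call is left behind as a block of `//` comments and the branch only does `return (0);`. That is the same value the first hunk returns for an exhausted request (`if (reqpt >= reqend) return (0);`), so the caller presumably cannot tell an over-long value from end of input. Either restore the log call as real code, ideally rate-limited so a flood of such packets cannot fill the log, or delete the dead block and leave a comment such as `/* value does not fit in buf: refuse it rather than overflow */`. The `//` form may also be rejected if this tree is still built as C89. The check relies on `buf` being an array at this point; its declaration and the rest of the function are outside the hunk, so that is worth confirming.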