--- /dev/null	2014-05-31 00:44:00.000000000 +0000
+++ build/pkgs/python/fbsd-patch-src_CVE-2014-1912	2014-05-31 00:35:21.000000000 +0000
@@ -0,0 +1,50 @@
+# HG changeset patch
+# User Benjamin Peterson <benjamin@python.org>
+# Date 1389671978 18000
+# Node ID 87673659d8f7ba1623cd4914f09ad3d2ade034e9
+# Parent  2631d33ee7fbd5f0288931ef37872218d511d2e8
+complain when nbytes > buflen to fix possible buffer overflow (closes #20246)
+
+# HG changeset patch
+# User Stefan Krah <skrah@bytereef.org>
+# Date 1390341952 -3600
+# Node ID b6c5a37b221f5c617125faa363d1b460b0b61b42
+# Parent  d55d1cbf5f9a9efa7908fc9412bae676a6b675ef
+Issue #20246: Fix test failures on FreeBSD. Patch by Ryan Smith-Roberts.
+
+diff --git a/Lib/test/test_socket.py b/Lib/test/test_socket.py
+--- src/Lib/test/test_socket.py
++++ src/Lib/test/test_socket.py
+@@ -1620,6 +1620,16 @@ class BufferIOTest(SocketConnectedTest):
+ 
+     _testRecvFromIntoMemoryview = _testRecvFromIntoArray
+ 
++    def testRecvFromIntoSmallBuffer(self):
++        # See issue #20246.
++        buf = bytearray(8)
++        self.assertRaises(ValueError, self.cli_conn.recvfrom_into, buf, 1024)
++
++    def _testRecvFromIntoSmallBuffer(self):
++        with test_support.check_py3k_warnings():
++            buf = buffer(MSG)
++        self.serv_conn.send(buf)
++
+ 
+ TIPC_STYPE = 2000
+ TIPC_LOWER = 200
+ 
+diff --git a/Modules/socketmodule.c b/Modules/socketmodule.c
+--- src/Modules/socketmodule.c
++++ src/Modules/socketmodule.c
+@@ -2742,6 +2742,10 @@ sock_recvfrom_into(PySocketSockObject *s
+     if (recvlen == 0) {
+         /* If nbytes was not specified, use the buffer's length */
+         recvlen = buflen;
++    } else if (recvlen > buflen) {
++        PyErr_SetString(PyExc_ValueError,
++                        "nbytes is greater than the length of the buffer");
++        goto error;
+     }
+ 
+     readlen = sock_recvfrom_guts(s, buf.buf, recvlen, flags, &addr);
+