diff options
| author |   Stefan Briesenick <sbriesen@gentoo.org> | 2007-03-15 00:35:54 +0000 |
|---|---|---|
| committer | Stefan Briesenick <sbriesen@gentoo.org> | 2007-03-15 00:35:54 +0000 |
| commit | 57e662258fc33cb3bc8a215b949ee273a0af1403 (patch) | |
| tree | 90d05cafcc116bd611cb9b4e7c2223dab38ee728 /net-dialup/capi4k-utils/files | |
| parent | amd64 stable for bug #170932. (diff) | |
| download | gentoo-2-57e662258fc33cb3bc8a215b949ee273a0af1403.tar.gz gentoo-2-57e662258fc33cb3bc8a215b949ee273a0af1403.tar.bz2 gentoo-2-57e662258fc33cb3bc8a215b949ee273a0af1403.zip | |
added patch for buffer overflow in bufprint function (see bug #170870).
(Portage version: 2.1.2-r2)
Diffstat (limited to 'net-dialup/capi4k-utils/files')
| -rw-r--r-- | net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff | 34 | ||||
| -rw-r--r-- | net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3 | 3 |
2 files changed, 37 insertions, 0 deletions
diff --git a/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff b/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff new file mode 100644 index 000000000000..8e0be87ea601 --- /dev/null +++ b/net-dialup/capi4k-utils/files/capi4k-utils-20050718-msg2str-safety.diff @@ -0,0 +1,34 @@ +diff -Naur capi20.orig/capiutils.h capi20/capiutils.h +--- capi20.orig/capiutils.h 2005-03-22 16:16:34.000000000 +0100 ++++ capi20/capiutils.h 2007-03-15 01:18:09.000000000 +0100 +@@ -308,6 +308,10 @@ + #define capi20_cmd2str capi_cmd2str + char *capi_cmd2str(_cbyte cmd, _cbyte subcmd); + ++/* ++ * WARNING: The following two functions use a single static buffer and ++ * are not thread-safe. ++ */ + #define capi20_cmsg2str capi_cmsg2str + char *capi_cmsg2str(_cmsg * cmsg); + +diff -Naur capi20.orig/convert.c capi20/convert.c +--- capi20.orig/convert.c 2005-05-09 10:23:01.000000000 +0200 ++++ capi20/convert.c 2007-03-15 01:20:13.000000000 +0100 +@@ -894,10 +894,14 @@ + static void bufprint(char *fmt,...) + { + va_list f; ++ size_t space = buf + sizeof(buf) - p, len; + va_start(f, fmt); +- vsprintf(p, fmt, f); ++ len = vsnprintf(p, space, fmt, f); + va_end(f); +- p += strlen(p); ++ if (len < space - 1) ++ p += len; ++ else ++ p += space - 1; + } + + static void printstructlen(_cbyte * m, unsigned len) diff --git a/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3 b/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3 new file mode 100644 index 000000000000..f1ed75afb639 --- /dev/null +++ b/net-dialup/capi4k-utils/files/digest-capi4k-utils-20050718-r3 @@ -0,0 +1,3 @@ +MD5 c745759b6b3d64e19763727176648cdf capi4k-utils-2005-07-18.tar.gz 862826 +RMD160 cadd13328aeef50ab26218614176b4f368b0b19d capi4k-utils-2005-07-18.tar.gz 862826 +SHA256 b162d726a31310fc29e7c0a25a4f82a590457f6a95c1b1168bcd72b6497b5746 capi4k-utils-2005-07-18.tar.gz 862826 |