FreeBSD Bugzilla – Attachment 34472 Details for
Bug 56006
[PATCH] buffer overflows in databases/gnats
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
gnats-security.patch
gnats-security.patch (text/plain), 3.13 KB, created by
Oliver Eikemeier
on 2003-08-26 16:20:15 UTC
(
hide
)
Description:
gnats-security.patch
Filename:
MIME Type:
Creator:
Oliver Eikemeier
Created:
2003-08-26 16:20:15 UTC
Size:
3.13 KB
patch
obsolete
>diff -Nur databases/gnats/files/patch-gnats::files.c.orig databases/gnats/files/patch-gnats::files.c >--- databases/gnats/files/patch-gnats::files.c.orig Thu Jan 1 01:00:00 1970 >+++ databases/gnats/files/patch-gnats::files.c Tue Aug 26 16:17:15 2003 >@@ -0,0 +1,29 @@ >+--- gnats/files.c.orig Mon Feb 12 06:36:25 2001 >++++ gnats/files.c Sat Jun 14 13:17:58 2003 >+@@ -271,7 +271,7 @@ >+ char *path = (char *) alloca (PATH_MAX); >+ >+ memset (array, 0, NUM_RESPONSIBLE_FIELDS * sizeof (char *)); >+- sprintf (path, "%s/gnats-adm/%s", gnats_root, RESPONSIBLE_FILE); >++ snprintf (path, PATH_MAX-1, "%s/gnats-adm/%s", gnats_root, RESPONSIBLE_FILE); >+ fp = fopen (path, "r"); >+ if (fp == NULL) >+ return 0; >+@@ -358,7 +358,7 @@ >+ int i, nerrs = 0; >+ >+ memset (array, 0, NUM_CLASS_FIELDS * sizeof (char *)); >+- sprintf (path, "%s/gnats-adm/%s", gnats_root, CLASSES); >++ snprintf (path, PATH_MAX-1, "%s/gnats-adm/%s", gnats_root, CLASSES); >+ fp = fopen (path, "r"); >+ >+ if (fp == NULL) >+@@ -593,7 +593,7 @@ >+ int i, nerrs = 0; >+ >+ memset (array, 0, NUM_STATE_FIELDS * sizeof (char *)); >+- sprintf (path, "%s/gnats-adm/%s", gnats_root, STATES); >++ snprintf (path, PATH_MAX-1, "%s/gnats-adm/%s", gnats_root, STATES); >+ fp = fopen (path, "r"); >+ >+ if (fp == NULL) >diff -Nur databases/gnats/files/patch-gnats::gen-index.c.orig databases/gnats/files/patch-gnats::gen-index.c >--- databases/gnats/files/patch-gnats::gen-index.c.orig Thu Jan 1 01:00:00 1970 >+++ databases/gnats/files/patch-gnats::gen-index.c Tue Aug 26 16:17:42 2003 >@@ -0,0 +1,11 @@ >+--- gnats/gen-index.c.orig Wed Sep 22 08:18:39 1999 >++++ gnats/gen-index.c Sat Jun 14 13:19:58 2003 >+@@ -256,7 +256,7 @@ >+ Categories *c; >+ >+ if (! catfile) >+- sprintf (path, "%s/gnats-adm/%s", gnats_root, CATEGORIES); >++ snprintf (path, PATH_MAX-1, "%s/gnats-adm/%s", gnats_root, CATEGORIES); >+ else >+ path = catfile; >+ >diff -Nur databases/gnats/files/patch-gnats::index.c.orig databases/gnats/files/patch-gnats::index.c >--- databases/gnats/files/patch-gnats::index.c.orig Thu Jan 1 01:00:00 1970 >+++ databases/gnats/files/patch-gnats::index.c Tue Aug 26 16:17:58 2003 >@@ -0,0 +1,11 @@ >+--- gnats/index.c.orig Thu Mar 18 08:45:38 1999 >++++ gnats/index.c Sat Jun 14 13:22:21 2003 >+@@ -399,7 +399,7 @@ >+ if (! index_filename) >+ { >+ index_filename = (char *) xmalloc (PATH_MAX); >+- sprintf (index_filename, "%s/gnats-adm/%s", gnats_root, INDEX); >++ snprintf (index_filename, PATH_MAX-1, "%s/gnats-adm/%s", gnats_root, INDEX); >+ } >+ >+ fp = fopen (index_filename, "r"); >diff -Nur databases/gnats/files/patch-gnats::internal.c.orig databases/gnats/files/patch-gnats::internal.c >--- databases/gnats/files/patch-gnats::internal.c.orig Thu Jan 1 01:00:00 1970 >+++ databases/gnats/files/patch-gnats::internal.c Tue Aug 26 16:18:06 2003 >@@ -0,0 +1,11 @@ >+--- gnats/internal.c.orig Wed Mar 3 09:18:53 1999 >++++ gnats/internal.c Sat Jun 14 14:09:45 2003 >+@@ -238,7 +238,7 @@ >+ struct stat buf; >+ int count; >+ >+- sprintf (path, "%s/gnats-adm/gnats.lock", gnats_root); >++ snprintf (path, PATH_MAX-1, "%s/gnats-adm/gnats.lock", gnats_root); >+ >+ #define MAXWAIT 10 >+ #define GRANULARITY 1
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=34472">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 56006
: 34472