Summary: | Typo in ports/devel/libedit, possible buffer overflow in libedit/history.c:history_save() | ||
---|---|---|---|
Product: | Ports & Packages | Reporter: | Sergey S. Kostyliov <rathamahata> |
Component: | Individual Port(s) | Assignee: | freebsd-ports-bugs (Nobody) <ports-bugs> |
Status: | Closed FIXED | ||
Severity: | Affects Only Me | ||
Priority: | Normal | ||
Version: | Latest | ||
Hardware: | Any | ||
OS: | Any |
Description
Sergey S. Kostyliov
2004-08-20 11:40:25 UTC
Otto Moerbeek <otto@drijf.net> has just pointed out that the: max_size = (len + 1023) & ~1023; patch is not enough (see http://www.sigmasoft.com/cgi-bin/wilma_hiliter/openbsd-bugs/200408/msg00092.html) "... If len is a multiple of 1024, max_size = (len + 1023) & ~1023; wil not increase it. Should probably be max_size = (len + 1024) & ~1023;" It looks like his statement is correct and either his patch or something like: http://www.sigmasoft.com/cgi-bin/wilma_hiliter/openbsd-bugs/200408/msg00096.html (which is a bit more intrusive but seems more self documented to me) is needed. -- Sergey S. Kostyliov <rathamahata@ehouse.ru> Jabber ID: rathamahata@jabber.org State Changed From-To: open->feedback Could somebody submit the correct patch, please? State Changed From-To: feedback->closed Committed, thanks! |