pkgsrc-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

pkg/40374: pkgsrc/net/nbtscan buffer overflow, wrong homepage

>Number:         40374
>Category:       pkg
>Synopsis:       pkgsrc/net/nbtscan buffer overflow, wrong homepage
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 12 14:05:00 +0000 2009
>Originator:     Rob Quinn
>Release:        Solaris2.10, pkgsrc-current
New homepage for this software is 
 The old homepage leads to a cybersquatter.

net/nbtscan gets the buffer size wrong when null terminating a string in 

int v_print_hostinfo(struct in_addr addr, const struct nb_host_info* hostinfo, 
char* sf, int hr) {
  char name[16];
      strncpy(name, hostinfo->names[i].ascii_name, 15);
      if(sf) {
        printf("%s%s%s%s", inet_ntoa(addr), sf, name, sf);
      } else {
        printf("%-17s",  name);


Removed the 15's and replaced with sizeof.

Home | Main Index | Thread Index | Old Index