pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/editors/jove/patches PR/54528: greywolf: fix fortify i...
details: https://anonhg.NetBSD.org/pkgsrc/rev/7a0872b7bcfe
branches: trunk
changeset: 400881:7a0872b7bcfe
user: christos <christos%pkgsrc.org@localhost>
date: Fri Sep 06 14:51:42 2019 +0000
description:
PR/54528: greywolf: fix fortify issue with stack overwrites.
diffstat:
editors/jove/patches/patch-proc.c | 29 +++++++++++++++++++++++++++++
1 files changed, 29 insertions(+), 0 deletions(-)
diffs (33 lines):
diff -r 72bc744f1e14 -r 7a0872b7bcfe editors/jove/patches/patch-proc.c
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/editors/jove/patches/patch-proc.c Fri Sep 06 14:51:42 2019 +0000
@@ -0,0 +1,29 @@
+# $NetBSD: patch-proc.c,v 1.1 2019/09/06 14:51:42 christos Exp $
+
+Don't smash the stack by using the same variable for input and output.
+
+--- proc.c 2015-10-15 14:12:25.000000000 -0400
++++ proc.c 2019-09-06 10:20:35.710848362 -0400
+@@ -330,18 +330,19 @@
+ char *command;
+ {
+ static char bnm[FILESIZE];
+- register char *cp = bnm,
++ char nm[FILESIZE];
++ char *cp = nm,
+ c;
+
+ do {
+ c = *command++;
+ } while (jiswhite(c));
+- while (cp < &bnm[sizeof(bnm) - 1] && c != '\0' && !jiswhite(c)) {
++ while (cp < &nm[sizeof(nm) - 1] && c != '\0' && !jiswhite(c)) {
+ *cp++ = c;
+ c = *command++;
+ }
+ *cp = '\0';
+- strcpy(bnm, jbasename(bnm));
++ strcpy(bnm, jbasename(nm));
+
+ return bnm;
+ }
Home |
Main Index |
Thread Index |
Old Index