rpms/star/F-12 star-1.5.1-bufferoverflow.patch, NONE, 1.1 star.spec, 1.51, 1.52
Ondrej Vasik
ovasik at fedoraproject.org
Wed Feb 3 12:55:40 UTC 2010
Author: ovasik
Update of /cvs/pkgs/rpms/star/F-12
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv22959
Modified Files:
star.spec
Added Files:
star-1.5.1-bufferoverflow.patch
Log Message:
fix buffer overflow for files with names of length 100 chars(#556664)
star-1.5.1-bufferoverflow.patch:
longnames.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- NEW FILE star-1.5.1-bufferoverflow.patch ---
diff -urNp star-1.5.1-orig/star/longnames.c star-1.5.1/star/longnames.c
--- star-1.5.1-orig/star/longnames.c 2009-10-16 00:38:55.000000000 +0200
+++ star-1.5.1/star/longnames.c 2010-02-03 13:36:03.000000000 +0100
@@ -155,7 +155,7 @@ name_to_tcb(info, ptb)
if (add)
strcatl(ptb->dbuf.t_name, name, "/", (char *)NULL);
else
- strcpy(ptb->dbuf.t_name, name);
+ strncpy(ptb->dbuf.t_name, name, props.pr_maxsname);
return (TRUE);
}
Index: star.spec
===================================================================
RCS file: /cvs/pkgs/rpms/star/F-12/star.spec,v
retrieving revision 1.51
retrieving revision 1.52
diff -u -p -r1.51 -r1.52
--- star.spec 27 Aug 2009 14:10:45 -0000 1.51
+++ star.spec 3 Feb 2010 12:55:39 -0000 1.52
@@ -4,7 +4,7 @@
Summary: An archiving tool with ACL support
Name: star
Version: 1.5
-Release: 8%{?dist}
+Release: 9%{?dist}
URL: http://cdrecord.berlios.de/old/private/star.html
Source: ftp://ftp.berlios.de/pub/star/%{name}-%{version}.tar.bz2
@@ -18,6 +18,8 @@ Patch3: star-1.5-changewarnSegv.patch
Patch4: star-1.5-removenames_c.patch
#do not conflict with glibc stdio functions (#494213)
Patch5: star-1.5-stdioconflict.patch
+#Prevent buffer overflow for filenames with length of 100 characters (#556664)
+Patch6: star-1.5.1-bufferoverflow.patch
License: CDDL
Group: Applications/Archiving
@@ -38,6 +40,7 @@ and can restore individual files from th
%patch3 -p1 -b .changewarnSegv
%patch4 -p1 -b .removenames
%patch5 -p1 -b .conflict
+%patch6 -p1 -b .namesoverflow
iconv -f iso_8859-1 -t utf-8 AN-1.5 >AN-1.5_utf8
mv AN-1.5_utf8 AN-1.5
cp -a READMEs/README.linux .
@@ -113,6 +116,10 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man1/ustar.1*
%changelog
+* Wed Feb 03 2010 Ondrej Vasik <ovasik at redhat.com> 1.5-9
+- fix buffer overflow for files with names of length
+ 100 chars(#556664)
+
* Thu Aug 27 2009 Ondrej Vasik <ovasik at redhat.com> 1.5-8
- provide symlinked manpage for ustar
More information about the scm-commits
mailing list