[star] fix another instance of buffer overflow for files with long names(#632384)
Ondrej Vasik
ovasik at fedoraproject.org
Tue Sep 14 14:04:24 UTC 2010
commit 22dfc15b4112e4b0fba7e1fae035804a88119f4d
Author: Ondřej Vašík <ovasik at redhat.com>
Date: Tue Sep 14 16:04:21 2010 +0200
fix another instance of buffer overflow for files with long names(#632384)
star-1.5.1-bufferoverflow.patch | 9 +++++++++
star.spec | 6 +++++-
2 files changed, 14 insertions(+), 1 deletions(-)
---
diff --git a/star-1.5.1-bufferoverflow.patch b/star-1.5.1-bufferoverflow.patch
index ef5f51c..a37bd19 100644
--- a/star-1.5.1-bufferoverflow.patch
+++ b/star-1.5.1-bufferoverflow.patch
@@ -10,3 +10,12 @@ diff -urNp star-1.5.1-orig/star/longnames.c star-1.5.1/star/longnames.c
return (TRUE);
}
+@@ -198,7 +198,7 @@ name_to_tcb(info, ptb)
+ if (add)
+ strcatl(ptb->dbuf.t_name, &np[1], "/", (char *)NULL);
+ else
+- strcpy(ptb->dbuf.t_name, &np[1]);
++ strncpy(ptb->dbuf.t_name, &np[1], props.pr_maxsname);
+ strncpy(ptb->dbuf.t_prefix, name, np - name);
+ info->f_flags |= F_SPLIT_NAME;
+ return (TRUE);
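Review bot: The new `strncpy(ptb->dbuf.t_name, &np[1], props.pr_maxsname)` in the `else` branch bounds the write, but it truncates silently and leaves `t_name` without a terminating NUL whenever the remaining name is `props.pr_maxsname` bytes or longer. That is only safe if `props.pr_maxsname` never exceeds `sizeof(ptb->dbuf.t_name)` and every reader treats the field as fixed-width, and neither is visible in this hunk. The sibling `add` branch still writes `&np[1]` plus "/" through `strcatl` with no visible bound, so the same over-long name would presumably still overrun `t_name` there. I would check the length once before the `if (add)` and refuse the split when it does not fit, e.g. `if (strlen(&np[1]) + (add ? 1 : 0) > props.pr_maxsname) return (FALSE);`, assuming `FALSE` is the failure return that pairs with the `return (TRUE)` below. The body of `name_to_tcb` starts outside this hunk, so an earlier length check may already cover part of this; if so, a comment saying so next to the copy would help.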
diff --git a/star.spec b/star.spec
index fcc1d95..52d0a7d 100644
--- a/star.spec
+++ b/star.spec
@@ -4,7 +4,7 @@
Summary: An archiving tool with ACL support
Name: star
Version: 1.5.1
-Release: 3%{?dist}
+Release: 4%{?dist}
URL: http://cdrecord.berlios.de/old/private/star.html
Source: ftp://ftp.berlios.de/pub/star/%{name}-%{version}.tar.bz2
@@ -118,6 +118,10 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man4/star.4*
%changelog
+* Tue Sep 14 2010 Ondrej Vasik <ovasik at redhat.com> 1.5.1-4
+- fix another instance of buffer overflow for files with
+ long names(#632384)
+
* Tue Aug 17 2010 Ondrej Vasik <ovasik at redhat.com> 1.5.1-3
- Fix some invalid manpage references (#624612)
- ship star.4 manpage with star format description