[afpfs-ng] Fix mount_afp crash (RHBZ #1165296)
Haïkel Guémar
hguemar at fedoraproject.org
Tue Nov 25 22:42:56 UTC 2014
commit 4416edf5127deec1456d5288ea7d10b50597b963
Author: Haïkel Guémar <hguemar at fedoraproject.org>
Date: Tue Nov 25 23:42:46 2014 +0100
Fix mount_afp crash (RHBZ #1165296)
afpfs-ng-0.8.1-formatsec.patch | 39 +++++++++++++++++++--------------------
afpfs-ng.spec | 5 ++++-
2 files changed, 23 insertions(+), 21 deletions(-)
---
diff --git a/afpfs-ng-0.8.1-formatsec.patch b/afpfs-ng-0.8.1-formatsec.patch
index 9f9d0a2..22527b3 100644
--- a/afpfs-ng-0.8.1-formatsec.patch
+++ b/afpfs-ng-0.8.1-formatsec.patch
@@ -23,12 +23,12 @@ index 827150b..59f0977 100644
afp_status_header(text,&len);
- printf(text);
-+ puts(text);
++ printf("%s", text);
len=40960;
afp_status_server(server,text,&len);
- printf(text);
-+ puts(text);
++ printf("%s", text);
return 0;
}
@@ -46,12 +46,12 @@ index c40f2bd..f887aec 100644
- sprintf(valid_url.username,username);
- sprintf(valid_url.password,password);
- sprintf(valid_url.uamname,uamname);
-+ strncpy(valid_url.servername,servername,sizeof(valid_url.servername));
-+ strncpy(valid_url.volumename,volumename,sizeof(valid_url.volumename));
-+ strncpy(valid_url.path,path,sizeof(valid_url.path));
-+ strncpy(valid_url.username,username,sizeof(valid_url.username));
-+ strncpy(valid_url.password,password,sizeof(valid_url.password));
-+ strncpy(valid_url.uamname,uamname,sizeof(valid_url.uamname));
++ snprintf(valid_url.servername,sizeof(valid_url.servername),"%s",servername);
++ snprintf(valid_url.volumename,sizeof(valid_url.volumename),"%s",volumename);
++ snprintf(valid_url.path,sizeof(valid_url.path),"%s",path);
++ snprintf(valid_url.username,sizeof(valid_url.username),"%s",username);
++ snprintf(valid_url.password,sizeof(valid_url.password),"%s",password);
++ snprintf(valid_url.uamname,(valid_url.uamname),"%s",uamname);
valid_url.port=port;
if (afp_url_validate(url_string,&valid_url))
@@ -82,21 +82,20 @@ diff --git a/fuse/commands.c b/fuse/commands.c
index aa7444d..bb06928 100644
--- a/fuse/commands.c
+++ b/fuse/commands.c
-@@ -163,7 +163,7 @@ static void fuse_log_for_client(void * priv,
-
- if (c) {
+@@ -163,6 +163,7 @@ static void fuse_log_for_client(void * priv,
len = strlen(c->client_string);
-- snprintf(c->client_string+len,
-+ strncat(c->client_string+len,
+ snprintf(c->client_string+len,
MAX_CLIENT_RESPONSE-len,
++ "%s",
message);
} else {
+
@@ -468,7 +468,7 @@ static int process_mount(struct fuse_client * c)
volume->mapping=req->map;
afp_detect_mapping(volume);
- snprintf(volume->mountpoint,255,req->mountpoint);
-+ strncat(volume->mountpoint,255,req->mountpoint);
++ snprintf(volume->mountpoint,255,"%s",req->mountpoint);
/* Create the new thread and block until we get an answer back */
{
@@ -109,7 +108,7 @@ index 42bac1c..f152d7b 100644
}
- snprintf(url->servername,strlen(p)+1,p);
-+ strncat(url->servername,strlen(p)+1,p);
++ snprintf(url->servername,strlen(p)+1,"%s",p);
if (check_servername(url->servername)) {
if (verbose) printf("This isn't a valid servername\n");
return -1;
@@ -118,7 +117,7 @@ index 42bac1c..f152d7b 100644
*q='\0';
q++;
- snprintf(url->password,strlen(q)+1,q);
-+ strncat(url->password,strlen(q)+1,q);
++ snprintf(url->password,strlen(q)+1,"%s",q);
if (check_password(url->password)) {
if (verbose) printf("This isn't a valid passwd\n");
return -1;
@@ -127,7 +126,7 @@ index 42bac1c..f152d7b 100644
*q='\0';
q+=6;
- snprintf(url->uamname,strlen(q)+1,q);
-+ strncat(url->uamname,strlen(q)+1,q);
++ snprintf(url->uamname,strlen(q)+1,"%s",q);
if (check_uamname(url->uamname)) {
if (verbose) printf("This isn't a valid uamname\n");
return -1;
@@ -136,7 +135,7 @@ index 42bac1c..f152d7b 100644
if (strlen(p)>0) {
- snprintf(url->username,strlen(p)+1,p);
-+ strncat(url->username,strlen(p)+1,p);
++ snprintf(url->username,strlen(p)+1,"%s",p);
if (check_username(url->username)) {
if (verbose) printf("This isn't a valid username\n");
return -1;;
@@ -145,13 +144,13 @@ index 42bac1c..f152d7b 100644
q++;
}
- snprintf(url->volumename,strlen(p)+1,p);
-+ strncat(url->volumename,strlen(p)+1,p);
++ snprintf(url->volumename,strlen(p)+1,"%s",p);
if (q) {
url->path[0]='/';
- snprintf(url->path+1,strlen(q)+1,q);
-+ strncat(url->path+1,strlen(q)+1,q);
++ snprintf(url->path+1,strlen(q)+1,"%s",q);
}
done:
diff --git a/afpfs-ng.spec b/afpfs-ng.spec
index dc5e37d..1ec541c 100644
--- a/afpfs-ng.spec
+++ b/afpfs-ng.spec
@@ -5,7 +5,7 @@
Name: afpfs-ng
Version: 0.8.1
-Release: 17%{?dist}
+Release: 18%{?dist}
Summary: Apple Filing Protocol client
Group: System Environment/Base
@@ -106,6 +106,9 @@ cp -p include/* %{buildroot}%{_includedir}/afpfs-ng
%changelog
+* Tue Nov 25 2014 <hguemar at fedoraproject.org> - 0.8.1-18
+- Fix mount_afp crash (RHBZ #1165296)
+
* Fri Aug 15 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.8.1-17
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
More information about the scm-commits
mailing list