author: Russell Bryant <russellbryant@users.sourceforge.net> 2008-01-10 03:24:11 +0000
committer: Russell Bryant <russellbryant@users.sourceforge.net> 2008-01-10 03:24:11 +0000
commit: 0589fa10763adc6e984f0b79bb7e6d087123063f (patch)
tree: 1b299603b045bfe9b00751da8ad0fb0cf0f5a695 /packages/redhat_rpm
parent: 3b8157ecd075b7cdb103fd1a2ce1a900237bc392 (diff)
(add patch from issue #1852385)

This patch provides a revised implementation of the strtokcpy() function in s_path.c. It provides the following benefits:

1) Prevent potential overflow of a stack buffer. This function did nothing to ensure that it didn't write past the end of the destination buffer. It is possible to cause this to happen by providing certain command line arguments that are longer than MAXPDSTRING. Also, there may be other ways to trigger this bug if namelist_append_files() is used anywhere beyond the uses I reviewed, which are the ones in pd/*.c.

2) Copy bytes from the string in the same loop that looks for the delimiter. This is simply for efficiency in that the string only has to be traversed once, instead of twice (one to find the delimiter, and the second to copy up to it).

svn path=/trunk/; revision=9143
Diffstat (limited to 'packages/redhat_rpm')
0 files changed, 0 insertions, 0 deletions
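
The bounded, single-pass token copy that the commit message describes, as an added C example that is not the code from this commit or from Pd. `token_copy`, `count_truncated` and `BUF_LEN` (standing in for MAXPDSTRING) are hypothetical names, and the sample list is constructed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_LEN 8 /* assumption: stands in for MAXPDSTRING, kept small for the demo */

/* Hypothetical helper (not Pd's strtokcpy): copy the token starting at `from`
 * into `to`, stopping at `delim` or NUL and never writing more than `to_len`
 * bytes, terminator included. Delimiter search and copy share one loop.
 * An overlong token is cut short and flagged, and the scan still runs to its
 * end so the next call starts at the next token, not in the middle of this one.
 * Returns the start of the next token, or NULL when the input is exhausted. */
static const char *token_copy(char *to, size_t to_len, const char *from,
                              char delim, int *truncated)
{
    size_t i, n = 0;

    *truncated = 0;
    if (to_len == 0)
        return NULL;
    for (i = 0; from[i] != '\0' && from[i] != delim; i++) {
        if (n + 1 < to_len)          /* reserve one byte for the terminator */
            to[n++] = from[i];
        else
            *truncated = 1;
    }
    to[n] = '\0';
    return from[i] != '\0' ? from + i + 1 : NULL;
}

/* Walk a delimiter-separated list and count the tokens that did not fit. */
static int count_truncated(const char *list, char delim)
{
    char buf[BUF_LEN];
    int truncated, total = 0;

    while (list != NULL) {
        list = token_copy(buf, sizeof buf, list, delim, &truncated);
        printf("%-8s%s\n", buf, truncated ? " (truncated)" : "");
        total += truncated;
    }
    return total;
}

int main(void)
{
    /* Constructed input: the middle element is longer than BUF_LEN. */
    return count_truncated("abc:defghijklmnop:xy", ':') == 1 ? 0 : 1;
}
```

Reporting truncation to the caller lets it reject an overlong path element instead of silently acting on a shortened one.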