Bugzilla – Attachment 12955 Details for
Bug 42474
VUL-0: CVE-2003-0645: mandb overflow
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
[patch]
a patch :)
man-2.3.19.dif (text/plain), 1.79 KB, created by
Sebastian Krahmer
on 2003-06-23 20:10:36 UTC
(
hide
)
Description:
a patch :)
Filename:
MIME Type:
Creator:
Sebastian Krahmer
Created:
2003-06-23 20:10:36 UTC
Size:
1.79 KB
patch
obsolete
>--- manp.c.orig 2003-06-17 07:12:32.000000000 -0700 >+++ manp.c 2003-06-17 07:10:40.000000000 -0700 >@@ -659,7 +659,7 @@ > drop_effective_privs (); > } > /* then the hierarchy */ >- sprintf (catname, "%s/cat1", catdir); >+ snprintf (catname, sizeof(catname), "%s/cat1", catdir); > if (is_directory (catdir) == 1) { > int j; > regain_effective_privs (); >@@ -668,8 +668,8 @@ > "creating catdir hierarchy %s ", > catdir); > for (j = 1; j <= 9; j++) { >- sprintf (catname, "%s/cat%d", catdir, j); >- sprintf (manname, "%s/man%d", mandir, j); >+ snprintf (catname, sizeof(catname), "%s/cat%d", catdir, j); >+ snprintf (manname, sizeof(manname), "%s/man%d", mandir, j); > if ((is_directory (manname) == 1) > && (is_directory (catname) != 1)) { > if (mkdir (catname, >@@ -703,6 +703,9 @@ > char key[50], cont[512]; > int c; > >+ memset(key, 0, sizeof(key)); >+ memset(cont, 0, sizeof(cont)); >+ > while ((bp = fgets (buf, BUFSIZ, config))) { > > while (isspace (*bp)) >@@ -714,13 +717,13 @@ > continue; /* mach any word starting with NO */ > else if (sscanf (bp, "MANBIN %*s") == 1) > continue; >- else if (sscanf (bp, "MANDATORY_MANPATH %s", key) == 1) >+ else if (sscanf (bp, "MANDATORY_MANPATH %49s", key) == 1) > add_mandatory (key); >- else if (sscanf (bp, "MANPATH_MAP %s %s", key, cont) == 2) >+ else if (sscanf (bp, "MANPATH_MAP %49s %511s", key, cont) == 2) > add_manpath_map (key, cont); >- else if ((c = sscanf (bp, "MANDB_MAP %s %s", key, cont)) > 0) >+ else if ((c = sscanf (bp, "MANDB_MAP %49s %511s", key, cont)) > 0) > add_mandb_map (key, cont, c, user); >- else if ((c = sscanf (bp, "DEFINE %50s %511[^\n]", >+ else if ((c = sscanf (bp, "DEFINE %49s %511[^\n]", > key, cont)) > 0) > add_def (key, cont, c); > else if (sscanf (bp, "SECTION %511[^\n]", cont) == 1)
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=12955">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 42474
:
12954
| 12955