Bug#609096: Buffer overflow in xdigger with long argv[0]
Adam D. Barratt
adam at adam-barratt.org.uk
Sun Jan 16 19:25:01 UTC 2011
On Sun, 2011-01-16 at 20:38 +0200, Peter Pentchev wrote:
> Here's the new debdiff; thanks for your time!
Thanks for that.
Two small things:
+- strcat(strcpy(croom, " ROOM: "), slevel_number);
[...]
++ snprintf(croom, sizeof(croom), " ROOM: %s", slevel_number);
The new version has one fewer space than the original; I guessed that
the double space might be so that the string aligns with " LIVES: ".
+- strcpy(localhost, gethostbyname(localhost)->h_name);
+- strcpy(xhost, gethostbyname(xhost)->h_name);
++ snprintf(localhost, sizeof(localhost), gethostbyname(localhost)->h_name);
++ snprintf(xhost, sizeof(xhost), gethostbyname(xhost)->h_name);
Those should probably be strncpys, or have an explicit "%s" format string.
+xdigger (1.0.10-13+lenny1) unstable; urgency=low
s/unstable/stable/
Okay, I lied; it was three things. :)
With the above changes, please feel free to upload (bearing in mind that
the deadline for inclusion in the next point release is tomorrow).
Regards,
Adam
More information about the Pkg-games-devel
mailing list