Ticket #26660: patch-src-dotconf.c.diff

File patch-src-dotconf.c.diff, 731 bytes (added by boris.dusek@…, 13 years ago)

Security fix from dotconf's git after 1.3 was released

  • src/dotconf.c

    From 6382711e9b0060bbd0408df512e48b2ce9cdb3be Mon Sep 17 00:00:00 2001
    From: William Hubbs <w.d.hubbs@gmail.com>
    Date: Tue, 22 Jun 2010 14:16:45 -0500
    Subject: [PATCH] fix possible buffer overflow in get_path
    
    If a pathname is longer than CFG_MAX_FILENAME, there was a possible
    buffer overflow when copying the path name.
    ---
     src/dotconf.c |    2 +-
     1 files changed, 1 insertions(+), 1 deletions(-)
    
    diff --git src/dotconf.c src/dotconf.c
    index af553b3..7ba2001 100644
    char *get_path(char *name) 
    14401440        } else {
    14411441                len = tmp - name + 1;
    14421442                if (len > CFG_MAX_FILENAME)
    1443                         len -= 1;
     1443                        len = CFG_MAX_FILENAME;
    14441444        }
    14451445                snprintf(buf, len, "%s", name);
    14461446        return buf;
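Review bot: at the new `len = CFG_MAX_FILENAME;` line, an over-long path is silently truncated and `return buf;` still hands it back as if the call had succeeded. The caller then works with a different directory from the one named in the configuration. For a security fix it would be safer to treat `len > CFG_MAX_FILENAME` as an error (release `buf` if it is heap-allocated and return NULL, or at least emit a warning) rather than continue with a shortened path. The clamp is also only safe if `buf` holds at least CFG_MAX_FILENAME bytes. Its allocation is outside this hunk, so please confirm that, or bound the copy by the actual size of `buf`, since `snprintf(buf, len, "%s", name)` writes up to `len` bytes including the terminating NUL.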