Ticket #26660: patch-src-dotconf.c.diff

File patch-src-dotconf.c.diff, 731 bytes (added by boris.dusek@…, 14 years ago)

Security fix from dotconf's git after 1.3 was released

  • src/dotconf.c

    From 6382711e9b0060bbd0408df512e48b2ce9cdb3be Mon Sep 17 00:00:00 2001
    From: William Hubbs <w.d.hubbs@gmail.com>
    Date: Tue, 22 Jun 2010 14:16:45 -0500
    Subject: [PATCH] fix possible buffer overflow in get_path
    
    If a pathname is longer than CFG_MAX_FILENAME, there was a possible
    buffer overflow when copying the path name.
    ---
     src/dotconf.c |    2 +-
     1 files changed, 1 insertions(+), 1 deletions(-)
    
    diff --git src/dotconf.c src/dotconf.c
    index af553b3..7ba2001 100644
    char *get_path(char *name) 
    14401440        } else {
    14411441                len = tmp - name + 1;
    14421442                if (len > CFG_MAX_FILENAME)
    1443                         len -= 1;
     1443                        len = CFG_MAX_FILENAME;
    14441444        }
    14451445                snprintf(buf, len, "%s", name);
    14461446        return buf;