diff options
author | Daniel Ahlberg <aliz@gentoo.org> | 2003-06-18 08:57:57 +0000 |
---|---|---|
committer | Daniel Ahlberg <aliz@gentoo.org> | 2003-06-18 08:57:57 +0000 |
commit | 2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d (patch) | |
tree | bfadb2bea3e4dc8479027788768e1d92d1f593b3 /net-ftp/atftp | |
parent | gcc hardcode removed (diff) | |
download | historical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.tar.gz historical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.tar.bz2 historical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.zip |
Updated patch
Diffstat (limited to 'net-ftp/atftp')
-rw-r--r-- | net-ftp/atftp/ChangeLog | 5 | ||||
-rw-r--r-- | net-ftp/atftp/files/atftp-0.6-security.patch | 35 |
2 files changed, 27 insertions, 13 deletions
diff --git a/net-ftp/atftp/ChangeLog b/net-ftp/atftp/ChangeLog index 2fe578405c4d..216708a40fb2 100644 --- a/net-ftp/atftp/ChangeLog +++ b/net-ftp/atftp/ChangeLog @@ -1,6 +1,9 @@ # ChangeLog for net-ftp/atftp # Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2 -# $Header: /var/cvsroot/gentoo-x86/net-ftp/atftp/ChangeLog,v 1.5 2003/06/08 18:15:13 aliz Exp $ +# $Header: /var/cvsroot/gentoo-x86/net-ftp/atftp/ChangeLog,v 1.6 2003/06/18 08:57:56 aliz Exp $ + + 18 Jun 2003; Daniel Ahlberg <aliz@gentoo.org> files/atftp-0.6-security.patch : + Updated patch to a more proper one. *atftp-0.6-r2 (08 Jun 2003) diff --git a/net-ftp/atftp/files/atftp-0.6-security.patch b/net-ftp/atftp/files/atftp-0.6-security.patch index 1646018ca9d3..5bf58699c74c 100644 --- a/net-ftp/atftp/files/atftp-0.6-security.patch +++ b/net-ftp/atftp/files/atftp-0.6-security.patch @@ -1,12 +1,23 @@ ---- tftpd_file.c Tue Mar 12 05:26:18 2002 -+++ tftpd_file_diff.c Thu Jun 5 20:31:06 2003 -@@ -357,7 +357,8 @@ - else - { - strcpy(filename, directory); -- strncat(filename, data->tftp_options[OPT_FILENAME].value, VAL_SIZE); -+ strncat(filename, data->tftp_options[OPT_FILENAME].value, -+ VAL_SIZE - strlen( directory ) - 1 ); - } - - /* If the filename contain /../ sequences, we forbid the access */ +--- tftp.c 2003-06-17 00:13:52.000000000 +0200 ++++ tftp.patch.c 2003-06-17 00:09:50.000000000 +0200 +@@ -827,17 +827,17 @@ int tftp_cmd_line_options(int argc, char + process_cmd(ac, av); + break; + case 'T': +- sprintf(string, "timeout %s", optarg); ++ snprintf(string, sizeof(string), "timeout %s", optarg); + make_arg(string, &ac, &av); + process_cmd(ac, av); + break; + case 't': +- sprintf(string, "option timeout %s", optarg); ++ snprintf(string, sizeof(string), "option timeout %s", optarg); + make_arg(string, &ac, &av); + process_cmd(ac, av); + break; + case 'b': +- sprintf(string, "option blksize %s", optarg); ++ snprintf(string, sizeof(string), "option blksize %s", optarg); + make_arg(string, &ac, &av); + process_cmd(ac, av); + break; |