summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Ahlberg <aliz@gentoo.org>2003-06-18 08:57:57 +0000
committerDaniel Ahlberg <aliz@gentoo.org>2003-06-18 08:57:57 +0000
commit2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d (patch)
treebfadb2bea3e4dc8479027788768e1d92d1f593b3 /net-ftp/atftp
parentgcc hardcode removed (diff)
downloadhistorical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.tar.gz
historical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.tar.bz2
historical-2f9f47f8c69e0c55e1cd7b27e1d9a4cd9fca1f0d.zip
Updated patch
Diffstat (limited to 'net-ftp/atftp')
-rw-r--r--net-ftp/atftp/ChangeLog5
-rw-r--r--net-ftp/atftp/files/atftp-0.6-security.patch35
2 files changed, 27 insertions, 13 deletions
diff --git a/net-ftp/atftp/ChangeLog b/net-ftp/atftp/ChangeLog
index 2fe578405c4d..216708a40fb2 100644
--- a/net-ftp/atftp/ChangeLog
+++ b/net-ftp/atftp/ChangeLog
@@ -1,6 +1,9 @@
# ChangeLog for net-ftp/atftp
# Copyright 2002-2003 Gentoo Technologies, Inc.; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-ftp/atftp/ChangeLog,v 1.5 2003/06/08 18:15:13 aliz Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-ftp/atftp/ChangeLog,v 1.6 2003/06/18 08:57:56 aliz Exp $
+
+ 18 Jun 2003; Daniel Ahlberg <aliz@gentoo.org> files/atftp-0.6-security.patch :
+ Updated patch to a more proper one.
*atftp-0.6-r2 (08 Jun 2003)
diff --git a/net-ftp/atftp/files/atftp-0.6-security.patch b/net-ftp/atftp/files/atftp-0.6-security.patch
index 1646018ca9d3..5bf58699c74c 100644
--- a/net-ftp/atftp/files/atftp-0.6-security.patch
+++ b/net-ftp/atftp/files/atftp-0.6-security.patch
@@ -1,12 +1,23 @@
---- tftpd_file.c Tue Mar 12 05:26:18 2002
-+++ tftpd_file_diff.c Thu Jun 5 20:31:06 2003
-@@ -357,7 +357,8 @@
- else
- {
- strcpy(filename, directory);
-- strncat(filename, data->tftp_options[OPT_FILENAME].value, VAL_SIZE);
-+ strncat(filename, data->tftp_options[OPT_FILENAME].value,
-+ VAL_SIZE - strlen( directory ) - 1 );
- }
-
- /* If the filename contain /../ sequences, we forbid the access */
+--- tftp.c 2003-06-17 00:13:52.000000000 +0200
++++ tftp.patch.c 2003-06-17 00:09:50.000000000 +0200
+@@ -827,17 +827,17 @@ int tftp_cmd_line_options(int argc, char
+ process_cmd(ac, av);
+ break;
+ case 'T':
+- sprintf(string, "timeout %s", optarg);
++ snprintf(string, sizeof(string), "timeout %s", optarg);
+ make_arg(string, &ac, &av);
+ process_cmd(ac, av);
+ break;
+ case 't':
+- sprintf(string, "option timeout %s", optarg);
++ snprintf(string, sizeof(string), "option timeout %s", optarg);
+ make_arg(string, &ac, &av);
+ process_cmd(ac, av);
+ break;
+ case 'b':
+- sprintf(string, "option blksize %s", optarg);
++ snprintf(string, sizeof(string), "option blksize %s", optarg);
+ make_arg(string, &ac, &av);
+ process_cmd(ac, av);
+ break;