Overview

File cronolog-1.7.0-strncat-compilefix.patch of Package cronolog-enhanced

I: Statement might be overflowing a buffer in strncat. Common mistake:
   BAD: strncat(buffer,charptr,sizeof(buffer)) is wrong, it takes the left over size as 3rd argument
   GOOD: strncat(buffer,charptr,sizeof(buffer)-strlen(buffer)-1)
E: cronolog bufferoverflowstrncat cronolog.c:336, 340

poeml, Thu Mar  5 21:12:49 CET 2009

diff -uNrp cronolog-1.7.0.orig/src/cronolog.c cronolog-1.7.0/src/cronolog.c
--- cronolog-1.7.0.orig/src/cronolog.c	2004-07-28 21:09:50.000000000 +0200
+++ cronolog-1.7.0/src/cronolog.c	2009-03-05 21:10:58.600181000 +0100
@@ -333,11 +333,11 @@ main(int argc, char **argv)
         }
         break;
     case 'r':
-            strncat(handler, optarg, MAX_PATH );
+            strncat(handler, optarg, sizeof(handler) - strlen(optarg) - 1);
             use_handler=1;
             break;
     case 'G':
-            strncat(handler_arg, optarg, MAX_PATH );
+            strncat(handler_arg, optarg, sizeof(handler_arg) - strlen(optarg) - 1);
             use_handler_arg=1;
             break;
     case 'n':
openSUSE Build Service is sponsored by
Places