Overview

File atftp-CVE-2019-11365.patch of Package atftp.21225

Index: atftp-0.7/tftpd_file.c
===================================================================
--- atftp-0.7.orig/tftpd_file.c
+++ atftp-0.7/tftpd_file.c
@@ -286,9 +286,7 @@ int tftpd_receive_file(struct thread_dat
                          else
                               logger(LOG_WARNING, "source port mismatch, check bypassed");
                     }
-                    Strncpy(string, tftphdr->th_msg,
-                            (((data_size - 4) > MAXLEN) ? MAXLEN :
-                             (data_size - 4)));
+                    Strncpy(string, tftphdr->th_msg, sizeof(string));
                     if (data->trace)
                          logger(LOG_DEBUG, "received ERROR <code: %d, msg: %s>",
                                 ntohs(tftphdr->th_code), string);
@@ -1006,9 +1004,7 @@ int tftpd_send_file(struct thread_data *
                          }
                     }
                     /* Got an ERROR from the current master client */
-                    Strncpy(string, tftphdr->th_msg,
-                            (((data_size - 4) > MAXLEN) ? MAXLEN :
-                             (data_size - 4)));
+                    Strncpy(string, tftphdr->th_msg, sizeof(string));
                     if (data->trace)
                          logger(LOG_DEBUG, "received ERROR <code: %d, msg: %s>",
                                 ntohs(tftphdr->th_code), string);
openSUSE Build Service is sponsored by
Places