File curl-7.15.5-CVE-2006-1061.patch of Package yup

--- lib/tftp.c
+++ lib/tftp.c
@@ -271,7 +271,8 @@
       /* If we are downloading, send an RRQ */
       state->spacket.event = htons(TFTP_EVENT_RRQ);
     }
-    sprintf((char *)state->spacket.u.request.data, "%s%c%s%c",
+    snprintf((char *)state->spacket.u.request.data,
+		    sizeof(state->spacket.u.request.data), "%s%c%s%c",
             filename, '\0',  mode, '\0');
     sbytes = 4 + (int)strlen(filename) + (int)strlen(mode);
     sbytes = sendto(state->sockfd, (void *)&state->spacket,

Places

File curl-7.15.5-CVE-2006-1061.patch of Package yup

Places