Overview

File xbsql-0.11-bufferoverflowstrncat.patch of Package xbsql

Index: xbsql/xbsql.cpp
===================================================================
--- xbsql/xbsql.cpp.orig	2009-03-02 23:16:12.000000000 +0100
+++ xbsql/xbsql.cpp	2009-03-02 23:23:12.000000000 +0100
@@ -468,7 +468,7 @@ XBSQLTable *XBaseSQL::openTable
 		char	name[256];
 
 		strncpy	(name, table,			sizeof(name)) ;
-		strncat	(name, "_",			sizeof(name)) ;
+		strncat	(name, "_",			sizeof(name) -strlen(name) -1) ;
 		strncat	(name, fSet.getFieldName (idx),	sizeof(name) - strlen(table) - 1) ;
 
 		path	= getPath (name, "ndx") ;
@@ -874,10 +874,10 @@ bool	XBaseSQL::renameTable
 			const char	*fname	= fSet.getFieldName (idx) ;
 
 			strncpy	(_oldName, oldName, sizeof(_oldName)) ;
-			strncat	(_oldName, "_",     sizeof(_oldName)) ;
+			strncat	(_oldName, "_",     sizeof(_oldName)- strlen(_oldName) -1) ;
 			strncat	(_oldName, fname,   sizeof(_oldName) - strlen(oldName) - 1) ;
 			strncpy	(_newName, newName, sizeof(_newName)) ;
-			strncat	(_newName, "_",	    sizeof(_newName)) ;
+			strncat	(_newName, "_",	    sizeof(_newName) - strlen(newName) - 1) ;
 			strncat	(_newName, fname,   sizeof(_newName) - strlen(newName) - 1) ;
 
 			oldAnon	= getPath (_oldName, "ndx") ;
openSUSE Build Service is sponsored by
Places