File xbsql-0.11-bufferoverflowstrncat.patch of Package xbsql
Index: xbsql/xbsql.cpp
===================================================================
--- xbsql/xbsql.cpp.orig 2009-03-02 23:16:12.000000000 +0100
+++ xbsql/xbsql.cpp 2009-03-02 23:23:12.000000000 +0100
@@ -468,7 +468,7 @@ XBSQLTable *XBaseSQL::openTable
char name[256];
strncpy (name, table, sizeof(name)) ;
- strncat (name, "_", sizeof(name)) ;
+ strncat (name, "_", sizeof(name) -strlen(name) -1) ;
strncat (name, fSet.getFieldName (idx), sizeof(name) - strlen(table) - 1) ;
path = getPath (name, "ndx") ;
@@ -874,10 +874,10 @@ bool XBaseSQL::renameTable
const char *fname = fSet.getFieldName (idx) ;
strncpy (_oldName, oldName, sizeof(_oldName)) ;
- strncat (_oldName, "_", sizeof(_oldName)) ;
+ strncat (_oldName, "_", sizeof(_oldName)- strlen(_oldName) -1) ;
strncat (_oldName, fname, sizeof(_oldName) - strlen(oldName) - 1) ;
strncpy (_newName, newName, sizeof(_newName)) ;
- strncat (_newName, "_", sizeof(_newName)) ;
+ strncat (_newName, "_", sizeof(_newName) - strlen(newName) - 1) ;
strncat (_newName, fname, sizeof(_newName) - strlen(newName) - 1) ;
oldAnon = getPath (_oldName, "ndx") ;