File 0012-check-prevent-various-buffer-overflows.patch of Package sblim-sfcb-sle11-sp2

diff -up ./providerRegister.c.orig0011 ./providerRegister.c
--- ./providerRegister.c.orig0011	2009-11-02 16:15:04.000000000 -0700
+++ ./providerRegister.c	2009-11-02 16:19:20.000000000 -0700
@@ -157,7 +157,7 @@ ProviderRegister *newProviderRegister(ch
      dir = "/var/lib/sfcb/registration";
    }
 
-   strcpy(fin, dir);
+   strncpy(fin, dir, sizeof(fin)-18); /* 18 = strlen("/providerRegister")+1 */
    strcat(fin, "/providerRegister");
    in = fopen(fin, "r");
    if (in == NULL) 
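Review bot: The `strncpy` on the added line leaves `fin` without a terminating NUL whenever `dir` is `sizeof(fin)-18` bytes or longer, and the `strcat` that follows then searches for a terminator that may not be inside the buffer, so the overflow is moved rather than removed. Building the path in one bounded call and rejecting truncation closes it: `if (snprintf(fin, sizeof(fin), "%s/providerRegister", dir) >= (int)sizeof(fin)) return NULL;`, where the right failure path depends on code outside the hunk. Both this line and the `fgets` change in the next hunk assume `fin` is an array in this scope, which the hunk does not show; if it is a pointer, `sizeof(fin)` is only the pointer size. newProviderRegister starts and ends outside the hunk.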
@@ -171,7 +171,7 @@ ProviderRegister *newProviderRegister(ch
       bb->ht = UtilFactory->newHashTable(61,
                   UtilHashTable_charKey | UtilHashTable_ignoreKeyCase);
 
-      while (fgets(fin, 1024, in)) {
+      while (fgets(fin, sizeof(fin), in)) {
          n++;
          if (stmt) free(stmt);
          stmt = strdup(fin);
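Review bot: A registration line longer than `sizeof(fin)-1` characters is returned by `fgets` in pieces, so `n` is incremented once per piece and the tail reaches `strdup` as if it were a new statement. A check right after the read, such as `if (strchr(fin, '\n') == NULL && !feof(in)) { /* report over-long line n and skip it */ }`, would keep the line count and the parser in step. The loop body continues outside the hunk, so how `stmt` is consumed is not visible here.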