packages: crafty/crafty-security.patch (NEW) - new

blekot blekot at pld-linux.org
Mon May 7 22:35:04 CEST 2012


Author: blekot                       Date: Mon May  7 20:35:04 2012 GMT
Module: packages                      Tag: HEAD
---- Log message:
- new

---- Files affected:
packages/crafty:
   crafty-security.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/crafty/crafty-security.patch
diff -u /dev/null packages/crafty/crafty-security.patch:1.1
--- /dev/null	Mon May  7 22:35:04 2012
+++ packages/crafty/crafty-security.patch	Mon May  7 22:34:59 2012
@@ -0,0 +1,45 @@
+--- main.c.orig	2010-03-04 03:11:14.000000000 +0100
++++ main.c	2010-03-06 22:34:46.000000000 +0100
+@@ -3888,7 +3888,10 @@
+   if (argc > 1) {
+     for (i = 1; i < argc; i++) {
+       if (strstr(argv[i], "path") || strstr(argv[i], "log")) {
+-        strcpy(buffer, argv[i]);
++       //This is a security flaw (see http://bugs.debian.org/203541
++       //strcpy(buffer, argv[i]);
++       memset(buffer,'\0',sizeof(buffer));
++        strncpy(buffer,argv[i],sizeof(buffer)-1);
+         result = Option(tree);
+         if (result == 0)
+           printf("ERROR \"%s\" is unknown command-line option\n", buffer);
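Review bot: The bounded copy `strncpy(buffer,argv[i],sizeof(buffer)-1);` silently truncates an over-long argument, so `Option(tree)` presumably goes on to parse a shortened option instead of rejecting it; the hunk at -3967 repeats the same pattern. `sizeof(buffer)` is the right bound only if `buffer` is a true array in this scope, and its declaration lies outside the hunk, so that should be confirmed. I would test the length before copying and skip the argument, e.g. `if (strlen(argv[i]) >= sizeof(buffer)) { printf("ERROR command-line option too long\n"); continue; }`, which also makes the `memset` unnecessary. The added comment is missing its closing parenthesis and leaves dead code behind; `/* bounded copy: argv[i] may be longer than buffer, see http://bugs.debian.org/203541 */` would say why the line exists.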
+@@ -3967,7 +3970,10 @@
+     for (i = 1; i < argc; i++)
+       if (strcmp(argv[i], "c"))
+         if (!strstr(argv[i], "path")) {
+-          strcpy(buffer, argv[i]);
++         //This is a security flaw (see http://bugs.debian.org/203541
++         //strcpy(buffer, argv[i]);
++         memset(buffer,'\0',sizeof(buffer));
++          strncpy(buffer,argv[i],sizeof(buffer)-1);
+           result = Option(tree);
+           if (result == 0)
+             printf("ERROR \"%s\" is unknown command-line option\n", buffer);
+@@ -3996,11 +4002,16 @@
+  */
+ #if defined(UNIX)
+   input_stream = fopen(".craftyrc", "r");
+-  if (!input_stream)
++  if (!input_stream) {
+     if ((pwd = getpwuid(getuid()))) {
+       sprintf(path, "%s/.craftyrc", pwd->pw_dir);
+       input_stream = fopen(path, "r");
+     }
++    if (!input_stream) {
++      sprintf (path, "%s/crafty.rc", rc_path);
++      input_stream = fopen (path, "r");
++    }
++  }
+   if (input_stream)
+ #else
+   sprintf(crafty_rc_file_spec, "%s/crafty.rc", rc_path);
+
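Review bot: The new fallback `sprintf (path, "%s/crafty.rc", rc_path);` writes into `path` with no length bound, and so does the retained `sprintf(path, "%s/.craftyrc", pwd->pw_dir);` just above it, so a patch that closes a strcpy overflow leaves the same class of overflow in the rc-file lookup. The declarations of `path` and `rc_path` are outside the hunk; if `path` is an array, `n = snprintf(path, sizeof(path), "%s/crafty.rc", rc_path);` followed by `if (n >= 0 && (size_t)n < sizeof(path)) input_stream = fopen(path, "r");` would bound the write and avoid opening a truncated path. The same applies to the home-directory branch and to the `sprintf(crafty_rc_file_spec, ...)` line in the `#else` branch, whose surrounding code continues past the end of the hunk.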
================================================================

