Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
M17N
hypermail
hypermail-audit.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File hypermail-audit.patch of Package hypermail
Index: hypermail-2.2.0.20070131/archive/mbox2hypermail.c =================================================================== --- hypermail-2.2.0.20070131.orig/archive/mbox2hypermail.c +++ hypermail-2.2.0.20070131/archive/mbox2hypermail.c @@ -16,6 +16,7 @@ #include <stdio.h> #include <sys/types.h> #include <sys/stat.h> +#include <fcntl.h> #include <unistd.h> #include <ctype.h> #include <string.h> @@ -115,6 +116,7 @@ static void process_messages(char *flnam int cntr; int first; + int msgfd; FILE *msgfp; @@ -209,7 +211,12 @@ static void process_messages(char *flnam system(cmdstr); ++cntr; - msgfp = efopen(msgfile, "w"); + if((msgfd = open(msgfile, O_RDWR | O_CREAT | O_EXCL, 0600)) == -1) + { + fprintf(stderr, "Error while creating file '%d'\n", msgfile); + return; + } + msgfp = fdopen(msgfd, "w"); } } (void)fputs(s, msgfp); Index: hypermail-2.2.0.20070131/src/parse.c =================================================================== --- hypermail-2.2.0.20070131.orig/src/parse.c +++ hypermail-2.2.0.20070131/src/parse.c @@ -1391,7 +1391,7 @@ int parsemail(char *mbox, /* file name * for ( ; fgets(line_buf, MAXLINE, fp) != NULL; set_txtsuffix ? PushString(&raw_text_buf, line_buf) : 0) { #if DEBUG_PARSE - printf("IN: %s", line); + printf("IN: %s", line); /* AUDIT: biege: line points to NULL here! take care. */ #endif if(set_append) { if(fputs(line_buf, fpo) < 0) { Index: hypermail-2.2.0.20070131/src/print.c =================================================================== --- hypermail-2.2.0.20070131.orig/src/print.c +++ hypermail-2.2.0.20070131/src/print.c @@ -792,7 +792,7 @@ void printdates(FILE *fp, struct header } else is_first = TRUE; - sprintf(date_str, "<li>%s<dfn>%s</dfn><ul>\n", + snprintf(date_str, sizeof(date_str), "<li>%s<dfn>%s</dfn><ul>\n", (is_first) ? first_attributes : "", tmp); fprintf (fp, "%s", date_str); strcpy (prev_date_str, tmp); @@ -2620,7 +2620,7 @@ void printsubjects(FILE *fp, struct head else { startline = "<li>"; break_str = ""; - sprintf(date_str, "<em>(%s)</em>", getindexdatestr(hp->data->date)); + snprintf(date_str, sizeof(date_str), "<em>(%s)</em>", getindexdatestr(hp->data->date)); endline = "</li>"; } fprintf(fp, @@ -2775,7 +2775,7 @@ void printauthors(FILE *fp, struct heade else { startline = "<li>"; break_str = " "; - sprintf(date_str, "<em>(%s)</em>", getindexdatestr(hp->data->date)); + snprintf(date_str, sizeof(date_str), "<em>(%s)</em>", getindexdatestr(hp->data->date)); endline = "</li>"; } fprintf(fp,"%s%s%s</a>%s<a name=\"%d\" id=\"%d\">%s</a>%s\n", Index: hypermail-2.2.0.20070131/src/uudecode.c =================================================================== --- hypermail-2.2.0.20070131.orig/src/uudecode.c +++ hypermail-2.2.0.20070131/src/uudecode.c @@ -103,7 +103,7 @@ int uudecode(FILE *input, /* get file da } n = DEC(*p); - for (++p; n > 0; p += 4, n -= 3) { + for (++p; (n > 0) && (outlen < 80); p += 4, n -= 3) { if (n >= 3) { if (!(IS_DEC(*p) && IS_DEC(*(p + 1)) && IS_DEC(*(p + 2)) && IS_DEC(*(p + 3))))
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor