Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP7:GA
mgetty.8835
mgetty-fix-buffer-overflow.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File mgetty-fix-buffer-overflow.patch of Package mgetty.8835
Index: mgetty-1.1.37/faxrec.c =================================================================== --- mgetty-1.1.37.orig/faxrec.c +++ mgetty-1.1.37/faxrec.c @@ -192,7 +192,7 @@ time_t ti; lprintf( L_NOISE, "fax_notify_mail: sending mail to: %s", mail_to ); - sprintf( buf, "%s %s >/dev/null 2>&1", MAILER, mail_to ); + sprintf( buf, "%.80s \"%.150s\" >/dev/null 2>&1", MAILER, mail_to ); pipe_fp = popen( buf, "w" ); if ( pipe_fp == NULL ) Index: mgetty-1.1.37/contrib/next-login/login.c =================================================================== --- mgetty-1.1.37.orig/contrib/next-login/login.c +++ mgetty-1.1.37/contrib/next-login/login.c @@ -218,7 +218,9 @@ main(argc, argv) badlogin(tbuf); failures = 0; } - (void)strcpy(tbuf, username); + (void)strncpy(tbuf, username, sizeof(tbuf)-1); + tbuf[sizeof(tbuf)-1] = '\0'; + if (pwd = getpwnam(username)) salt = pwd->pw_passwd; else
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor