Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:adrianSuSE:PL
arj
arj-3.10.22-fixstrcpy.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File arj-3.10.22-fixstrcpy.patch of Package arj
Author: Bernhard M. Wiedemann <bwiedemann@suse.de> Co-Author: Thorsten Otto <admin@tho-otto.de> Date: 2020-03-25 ; 2023-04-04 reproducible builds showed differences in strings produced from msgbind depending on CPU-type valgrind --tool=memcheck helped to locate two relevant calls to strcpy on overlapping regions diff -rup arj-3.10.22.orig/arj.c arj-3.10.22/arj.c --- arj-3.10.22.orig/arj.c 2005-06-21 21:53:12.000000000 +0200 +++ arj-3.10.22/arj.c 2023-04-04 18:07:00.860946972 +0200 @@ -1170,7 +1170,7 @@ int main(int argc, char *argv[]) if(strlen(tmp_ptr)<=121) tmp_ptr[0]='\0'; else if(tmp_ptr[120]==' ') - strcpy(tmp_ptr, tmp_ptr+121); + memmove(tmp_ptr, tmp_ptr+121, strlen(tmp_ptr+121)+1); } if(cmd==ARJ_CMD_ORDER&&strpbrk(tmp_ptr, wildcard_pattern)!=NULL) error(M_ORDER_WILDCARD); Index: arj-3.10.22/arjdata.c =================================================================== --- arj-3.10.22.orig/arjdata.c +++ arj-3.10.22/arjdata.c @@ -232,7 +232,7 @@ char *expand_tags(char *str, int limit) { if(*(p+1)==TAG_CHAR) { - strcpy(p, p+1); + safe_strcpy(p, p+1); p++; } else if(*(p+1)==TAG_SPECIAL_BEGIN&&(et=strchr(p+3, TAG_SPECIAL_END))!=NULL) Index: arj-3.10.22/msgbind.c =================================================================== --- arj-3.10.22.orig/msgbind.c +++ arj-3.10.22/msgbind.c @@ -21,6 +21,12 @@ #include <signal.h> #include <time.h> +static void safe_strcpy(char *dest, const char *src) +{ + memmove(dest, src, strlen(src) + 1); +} + + #define MSG_SIZE 32752 /* Constant msg buffer size */ #define POOL_SIZE 51200 /* Maximum size of variable-len buf */ #define POOL_R_INC 1024 /* Realloc incrementation */ @@ -574,7 +574,7 @@ int main(int argc, char **argv) } strcat(pool[tpool].data, msgname); strcat(pool[tpool].data, ", "); - strcpy(msg_buffer, msg_buffer+1); + safe_strcpy(msg_buffer, msg_buffer+1); buf_len=strlen(msg_buffer); msg_buffer[--buf_len]='\0'; patch_string(msg_buffer); diff -rup arj-3.10.22.orig/packager.c arj-3.10.22/packager.c --- arj-3.10.22.orig/packager.c 2004-04-17 13:39:42.000000000 +0200 +++ arj-3.10.22/packager.c 2023-04-04 18:05:26.869081516 +0200 @@ -347,7 +347,7 @@ int main(int argc, char **argv) expand_tags(buf, sizeof(buf)-1); if((p=strchr(buf, '.'))!=NULL) { - strcpy(p, p+1); + memmove(p, p+1, strlen(p+1) + 1); if((p=strchr(buf, '.'))!=NULL) *p='\0'; }
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor