Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:1484
bash.openSUSE_12.2_Update
bash42-033-bnc770795.patch
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File bash42-033-bnc770795.patch of Package bash.openSUSE_12.2_Update
BASH PATCH REPORT ================= Bash-Release: 4.2 Patch-ID: bash42-033 Bug-Reported-by: David Leverton <levertond@googlemail.com> Bug-Reference-ID: <4FCCE737.1060603@googlemail.com> Bug-Reference-URL: Bug-Description: Bash uses a static buffer when expanding the /dev/fd prefix for the test and conditional commands, among other uses, when it should use a dynamic buffer to avoid buffer overflow. Patch (apply with `patch -p0'): *** ../bash-4.2-patched/lib/sh/eaccess.c 2011-01-08 20:50:10.000000000 -0500 --- lib/sh/eaccess.c 2012-06-04 21:06:43.000000000 -0400 *************** *** 83,86 **** --- 83,88 ---- struct stat *finfo; { + static char *pbuf = 0; + if (*path == '\0') { *************** *** 107,111 **** On most systems, with the notable exception of linux, this is effectively a no-op. */ ! char pbuf[32]; strcpy (pbuf, DEV_FD_PREFIX); strcat (pbuf, path + 8); --- 109,113 ---- On most systems, with the notable exception of linux, this is effectively a no-op. */ ! pbuf = xrealloc (pbuf, sizeof (DEV_FD_PREFIX) + strlen (path + 8)); strcpy (pbuf, DEV_FD_PREFIX); strcat (pbuf, path + 8);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor