diff options
| author | christos <christos@pkgsrc.org> | 2019-09-06 14:51:42 +0000 |
|---|---|---|
| committer | christos <christos@pkgsrc.org> | 2019-09-06 14:51:42 +0000 |
| commit | a85f347d616ec031eb6aa1557692904c3de8b27f (patch) | |
| tree | 46af3123a8261579c5831f47bac83449554d3cbb | |
| parent | f30e5ea1019fb9e25bf25a3a76cc16ec49729706 (diff) | |
| download | pkgsrc-a85f347d616ec031eb6aa1557692904c3de8b27f.tar.gz | |
PR/54528: greywolf: fix fortify issue with stack overwrites.
| -rw-r--r-- | editors/jove/patches/patch-proc.c | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/editors/jove/patches/patch-proc.c b/editors/jove/patches/patch-proc.c new file mode 100644 index 00000000000..504aa8cee01 --- /dev/null +++ b/editors/jove/patches/patch-proc.c @@ -0,0 +1,29 @@ +# $NetBSD: patch-proc.c,v 1.1 2019/09/06 14:51:42 christos Exp $ + +Don't smash the stack by using the same variable for input and output. + +--- proc.c 2015-10-15 14:12:25.000000000 -0400 ++++ proc.c 2019-09-06 10:20:35.710848362 -0400 +@@ -330,18 +330,19 @@ + char *command; + { + static char bnm[FILESIZE]; +- register char *cp = bnm, ++ char nm[FILESIZE]; ++ char *cp = nm, + c; + + do { + c = *command++; + } while (jiswhite(c)); +- while (cp < &bnm[sizeof(bnm) - 1] && c != '\0' && !jiswhite(c)) { ++ while (cp < &nm[sizeof(nm) - 1] && c != '\0' && !jiswhite(c)) { + *cp++ = c; + c = *command++; + } + *cp = '\0'; +- strcpy(bnm, jbasename(bnm)); ++ strcpy(bnm, jbasename(nm)); + + return bnm; + } |