diff options
| author | agc <agc@pkgsrc.org> | 2004-03-08 17:44:16 +0000 |
|---|---|---|
| committer | agc <agc@pkgsrc.org> | 2004-03-08 17:44:16 +0000 |
| commit | 44b8132cea96f82444c631d4835ebb548486a921 (patch) | |
| tree | 4151d76860522ab6e64779874e524bd1d43fcf13 /games/xboing/patches/patch-af | |
| parent | d1c51cbccd057d56f9237360a9657dfb0e84b4ef (diff) | |
| download | pkgsrc-44b8132cea96f82444c631d4835ebb548486a921.tar.gz | |
Pull up security fixes to the pkgsrc-2003Q4 branch, requested by Sorenpkgsrc-2003Q4
Jacobsen.
Module Name: pkgsrc
Committed By: snj
Date: Sat Feb 28 18:36:38 UTC 2004
Modified Files:
pkgsrc/games/xboing: Makefile distinfo
pkgsrc/games/xboing/patches: patch-ad
Added Files:
pkgsrc/games/xboing/patches: patch-ae patch-af patch-ag patch-ah
patch-ai
Log Message:
strcpy and sprintf are evil, don't use them. Inspired by similar changes
in Debian. This fixes several locally exploitable vulnerabilities.
Diffstat (limited to 'games/xboing/patches/patch-af')
| -rw-r--r-- | games/xboing/patches/patch-af | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/games/xboing/patches/patch-af b/games/xboing/patches/patch-af new file mode 100644 index 00000000000..d69bf8a040d --- /dev/null +++ b/games/xboing/patches/patch-af @@ -0,0 +1,31 @@ +$NetBSD: patch-af,v 1.1.2.2 2004/03/08 17:44:16 agc Exp $ + +--- editor.c.orig 2004-02-28 10:06:52.000000000 -0800 ++++ editor.c 2004-02-28 10:10:24.000000000 -0800 +@@ -213,7 +213,7 @@ static void DoLoadLevel(display, window) + + /* Construct the Edit level filename */ + if ((str = getenv("XBOING_LEVELS_DIR")) != NULL) +- sprintf(levelPath, "%s/editor.data", str); ++ snprintf(levelPath, sizeof(levelPath), "%s/editor.data", str); + else + sprintf(levelPath, "%s/editor.data", LEVEL_INSTALL_DIR); + +@@ -959,7 +959,7 @@ static void LoadALevel(display) + { + /* Construct the Edit level filename */ + if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) +- sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num); ++ snprintf(levelPath, sizeof(levelPath), "%s/level%02ld.data", str2, (u_long) num); + else + sprintf(levelPath, "%s/level%02ld.data", + LEVEL_INSTALL_DIR, (u_long) num); +@@ -1019,7 +1019,7 @@ static void SaveALevel(display) + { + /* Construct the Edit level filename */ + if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) +- sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num); ++ snprintf(levelPath, sizeof(levelPath), "%s/level%02ld.data", str2, (u_long) num); + else + sprintf(levelPath, "%s/level%02ld.data", + LEVEL_INSTALL_DIR, (u_long) num); |