Pull up security fixes to the pkgsrc-2003Q4 branch, requested by Sorenpkgsrc_2003Q4

Jacobsen. Module Name: pkgsrc Committed By: snj Date: Sat Feb 28 18:36:38 UTC 2004 Modified Files: pkgsrc/games/xboing: Makefile distinfo pkgsrc/games/xboing/patches: patch-ad Added Files: pkgsrc/games/xboing/patches: patch-ae patch-af patch-ag patch-ah patch-ai Log Message: strcpy and sprintf are evil, don't use them. Inspired by similar changes in Debian. This fixes several locally exploitable vulnerabilities.
author: agc <agc> 2004-03-08 17:44:16 +0000
committer: agc <agc> 2004-03-08 17:44:16 +0000
commit: a53837d41be36e527b532e4f77d61332e719091e (patch)
tree: 4151d76860522ab6e64779874e524bd1d43fcf13 /games/xboing/patches/patch-ah
parent: 9103d673d003665bff332c16dcbb7bdb51b5cf6e (diff)
download: pkgsrc_2003Q4.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/games/xboing/patches/patch-ah b/games/xboing/patches/patch-ah
new file mode 100644
index 00000000000..261d5b9057f
--- /dev/null
+++ b/games/xboing/patches/patch-ah
@@ -0,0 +1,13 @@
+$NetBSD: patch-ah,v 1.1.2.2 2004/03/08 17:44:16 agc Exp $
+
+--- init.c.orig	2004-02-28 10:13:29.000000000 -0800
++++ init.c	2004-02-28 10:14:17.000000000 -0800
+@@ -438,7 +438,7 @@ static void HandleDisplayErrors(displayN
+ 		WarningMessage("Your X Window system display variable is not set.");
+ 	else
+ 	{
+-		sprintf(string, "Cannot connect to display called <%s>.", displayName);
++		snprintf(string, sizeof(string), "Cannot connect to display called <%s>.", displayName);
+ 		WarningMessage(string);
+ 	}
+ }
author	agc <agc>	2004-03-08 17:44:16 +0000
committer	agc <agc>	2004-03-08 17:44:16 +0000
commit	a53837d41be36e527b532e4f77d61332e719091e (patch)
tree	4151d76860522ab6e64779874e524bd1d43fcf13 /games/xboing/patches/patch-ah
parent	9103d673d003665bff332c16dcbb7bdb51b5cf6e (diff)
download	pkgsrc_2003Q4.tar.gz