Pull up security fixes to the pkgsrc-2003Q4 branch, requested by Sorenpkgsrc_2003Q4

Jacobsen. Module Name: pkgsrc Committed By: snj Date: Sat Feb 28 18:36:38 UTC 2004 Modified Files: pkgsrc/games/xboing: Makefile distinfo pkgsrc/games/xboing/patches: patch-ad Added Files: pkgsrc/games/xboing/patches: patch-ae patch-af patch-ag patch-ah patch-ai Log Message: strcpy and sprintf are evil, don't use them. Inspired by similar changes in Debian. This fixes several locally exploitable vulnerabilities.
author: agc <agc> 2004-03-08 17:44:16 +0000
committer: agc <agc> 2004-03-08 17:44:16 +0000
commit: a53837d41be36e527b532e4f77d61332e719091e (patch)
tree: 4151d76860522ab6e64779874e524bd1d43fcf13 /games/xboing/patches/patch-ai
parent: 9103d673d003665bff332c16dcbb7bdb51b5cf6e (diff)
download: pkgsrc_2003Q4.tar.gz
1 files changed, 13 insertions, 0 deletions
diff --git a/games/xboing/patches/patch-ai b/games/xboing/patches/patch-ai
new file mode 100644
index 00000000000..c02c08b7565
--- /dev/null
+++ b/games/xboing/patches/patch-ai
@@ -0,0 +1,13 @@
+$NetBSD: patch-ai,v 1.1.2.2 2004/03/08 17:44:17 agc Exp $
+
+--- preview.c.orig	2004-02-28 10:19:15.000000000 -0800
++++ preview.c	2004-02-28 10:19:31.000000000 -0800
+@@ -139,7 +139,7 @@ static void DoLoadLevel(display, window)
+ 
+     /* Construct the Preview level filename */
+     if ((str = getenv("XBOING_LEVELS_DIR")) != NULL)
+-        sprintf(levelPath, "%s/level%02d.data", str, lnum);
++        snprintf(levelPath, sizeof(levelPath), "%s/level%02d.data", str, lnum);
+     else
+         sprintf(levelPath, "%s/level%02d.data", LEVEL_INSTALL_DIR, lnum);
+
author	agc <agc>	2004-03-08 17:44:16 +0000
committer	agc <agc>	2004-03-08 17:44:16 +0000
commit	a53837d41be36e527b532e4f77d61332e719091e (patch)
tree	4151d76860522ab6e64779874e524bd1d43fcf13 /games/xboing/patches/patch-ai
parent	9103d673d003665bff332c16dcbb7bdb51b5cf6e (diff)
download	pkgsrc_2003Q4.tar.gz