Diffstat (limited to 'sysutils/tcx/patches/patch-ad')
-rw-r--r-- | sysutils/tcx/patches/patch-ad | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/sysutils/tcx/patches/patch-ad b/sysutils/tcx/patches/patch-ad
new file mode 100644
index 00000000000..489002cfcd5
--- /dev/null
+++ b/sysutils/tcx/patches/patch-ad
@@ -0,0 +1,36 @@
+$NetBSD: patch-ad,v 1.1.1.1 2003/06/23 13:55:24 agc Exp $
+
+Minor security audit
+
+--- tcx.c 2003/06/20 10:44:29 1.1
++++ tcx.c 2003/06/20 10:45:54
+@@ -120,16 +120,16 @@
+ /* If cannot, warn user and quit */
+
+ if(strrchr(argv[1], '/') == NULL)
+- (void)sprintf(tofile, ".tcx.%s", argv[1]);
++ (void)snprintf(tofile, sizeof(tofile), ".tcx.%s", argv[1]);
+ else
+ {
+- (void)strcpy(tofile, argv[1]);
++ (void)strlcpy(tofile, argv[1], sizeof(tofile));
+ s = strrchr(tofile, '/');
+ *s = '\0';
+- (void)strcat(tofile, "/.tcx.");
++ (void)strlcat(tofile, "/.tcx.", sizeof(tofile));
+ s = strrchr(argv[1], '/');
+ s++;
+- (void)strcat(tofile, s);
++ (void)strlcat(tofile, s, sizeof(tofile));
+ }
+
+ lck.l_type = F_WRLCK; lck.l_whence = 0; lck.l_start = 0; lck.l_len = 0;
+@@ -213,7 +213,7 @@
+
+ /* Spit out header and start encoding executable */
+
+- (void)sprintf(header, "#!%s\n", PATHUNTCX);
++ (void)snprintf(header, sizeof(header), "#!%s\n", PATHUNTCX);
+ if(write(outfd, header, strlen(header)) < 0) { (void)perror("write"); exit(-1); }
+
+ c = 0; if((write(outfd, &c, 1)) < 0) { (void)perror("write"); exit(-1); } |
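Review bot: The bounded calls in the first tcx.c hunk still discard their return values with `(void)`, so an over-long argv[1] is now silently truncated rather than rejected. After a truncating strlcpy, tofile may no longer contain the '/' that the earlier `strrchr(argv[1], '/')` test found, in which case `s = strrchr(tofile, '/'); *s = '\0';` writes through NULL; short of that, the strlcat calls can leave tofile naming a different path than the one intended, and the `lck` setup that follows suggests this path is then opened and locked. I would fail early on truncation, e.g. `if(strlcpy(tofile, argv[1], sizeof(tofile)) >= sizeof(tofile)) { (void)fprintf(stderr, "tcx: path too long\n"); exit(-1); }`, and apply the same `>= sizeof(tofile)` test to the snprintf result and to both strlcat results. The declaration of tofile and the rest of the enclosing function lie outside these hunks, so the buffer size and the later use of tofile should be confirmed against the full file.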