Even more patches
santiago at crfreenet.org
Mon Aug 25 21:02:38 CEST 2008
On Mon, Aug 25, 2008 at 01:12:07PM +0200, Martin Mares wrote:
> > diff -urN bird-1.0.11.orig/sysdep/unix/io.c bird-1.0.11/sysdep/unix/io.c
> > --- bird-1.0.11.orig/sysdep/unix/io.c 2005-02-14 18:15:04.000000000 -0500
> > +++ bird-1.0.11/sysdep/unix/io.c 2006-07-13 09:34:29.000000000 -0400
> > @@ -866,7 +866,7 @@
> > goto bad;
> > unlink(name);
> > sa.sun_family = AF_UNIX;
> > - strcpy(sa.sun_path, name);
> > + strncpy(sa.sun_path, name, sizeof(sa.sun_path));
> > if (bind(fd, (struct sockaddr *) &sa, SUN_LEN(&sa)) < 0)
> > ERR("bind");
> > if (listen(fd, 8))
> This is seriously wrong. If the name is too long, it gets trimmed and the
> terminating zero gets lost. The proper solution would be to report an error
> in such cases. Could you please update the patch?
As O. Filip already has some variant of the patch in his tree,
i will postpone this until i saw that. The public GIT repository
would be nice.
Elen sila lumenn' omentielvo
Ondrej 'SanTiago' Zajicek (email: santiago at crfreenet.org)
OpenPGP encrypted e-mails preferred (KeyID 0x11DEADC3, wwwkeys.pgp.net)
"To err is human -- to blame it on a computer is even more so."
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: Digital signature
More information about the Bird-users