Bug#430108: cdebconf: Off by one error
Package: cdebconf
Version: 0.116
Severity: normal
Tags: patch
A read could fill the whole buffer and we put a null-char at the end
of the read data so we could write on a byte just after our buffer.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.22-rc4-mexhat (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages cdebconf depends on:
ii libatk1.0-0 1.18.0-2 The ATK accessibility toolkit
ii libc6 2.5-11 GNU C Library: Shared libraries
ii libcairo2 1.4.8-1 The Cairo 2D vector graphics libra
ii libdebian-installer4 0.51 Library of common debian-installer
ii libdirectfb-0.9-25 0.9.25.1-6 direct frame buffer graphics - sha
ii libglib2.0-0 2.12.12-1 The GLib library of C routines
ii libgtk-directfb-2.0-0 2.10.13-1 The GTK+ graphical user interface
ii libgtk2.0-0 2.10.13-1 The GTK+ graphical user interface
ii libnewt0.52 0.52.2-10 Not Erik's Windowing Toolkit - tex
ii libpango1.0-0 1.16.4-1 Layout and rendering of internatio
ii libtextwrap1 0.1-5 text-wrapping library with i18n -
cdebconf recommends no packages.
Index: confmodule.c
===================================================================
--- confmodule.c (revision 47280)
+++ confmodule.c (working copy)
@@ -84,7 +84,7 @@
return DC_OK;
}
- ret = read(mod->infd, buf, sizeof(buf));
+ ret = read(mod->infd, buf, sizeof(buf)-1);
if (ret < 0) {
if (errno == EINTR)
continue;
Reply to: