[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#404235: segfault patch for 404235

* Jens Seidel <jensseidel@users.sf.net> [2006-12-30 18:19]:
> On Fri, Dec 29, 2006 at 07:08:29PM +0100, Nico Golde wrote:
> > +++ trr_format.c	2006-12-29 18:27:26.000000000 +0100
> >  main(int argc, char **argv){
> > -  char textfile[256], formattedfile[256], lockfile[256], *tmpfname;
> > -  char command[256], line[1024];
> > +  char textfile[_POSIX_PATH_MAX], formattedfile[_POSIX_PATH_MAX], lockfile[_POSIX_PATH_MAX], *tmpfname;
> > +  char command[_POSIX_PATH_MAX], line[_POSIX_PATH_MAX];
> Please note that this will probably not work with the Hurd. This system
> tries to avoid all useless limitations and _POSIX_PATH_MAX is one of
> these. The proper solution is to create the buffers dynamically ...

Yes that would be better then I didnt do this cause the code 
doesnt really need dinamically allocated buffers. Anyway the 
patch should just show all the other problems that exist in 
the code but I would suggest a documentation of secure 
programming and a complete rewrite of the code to the 
upstream author. Also the substitution of SED and GREP via 
the makefile in the c-files and then calling system() is 
really ugly.
Kind regards, happy new year
Nico Golde - http://www.ngolde.de
JAB: nion@jabber.ccc.de - GPG: 0x73647CFF
Forget about that mouse with 3/4/5 buttons,
gimme a keyboard with 103/104/105 keys!

Attachment: pgplOzHfynVlk.pgp
Description: PGP signature

Reply to: