This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 961fcfa007a8fb1ee66454e0fe23f674e96756f5 (commit)
from 0d3cbd6cdb7bd33a668dc45694c06c4512eceae0 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=961fcfa007a8fb1ee66454e0fe23f674e96756f5
commit 961fcfa007a8fb1ee66454e0fe23f674e96756f5
Author: Tim Rühsen <[email protected]>
Date: Sat Feb 29 18:57:47 2020 +0100
ftp: Fix 2x misuse of strncpy (read buffer overflow)
diff --git a/ftp/ftp.c b/ftp/ftp.c
index 0dd19b3..7fe99ab 100644
--- a/ftp/ftp.c
+++ b/ftp/ftp.c
@@ -1725,10 +1725,10 @@ pswitch (int flag)
ip->ntflg = ntflag;
ntflag = op->ntflg;
strncpy (ip->nti, ntin, sizeof (ntin) - 1);
- (ip->nti)[strlen (ip->nti)] = '\0';
+ (ip->nti)[sizeof (ntin) - 1] = '\0';
strcpy (ntin, op->nti);
strncpy (ip->nto, ntout, sizeof (ntout) - 1);
- (ip->nto)[strlen (ip->nto)] = '\0';
+ (ip->nto)[sizeof (ntout) - 1] = '\0';
strcpy (ntout, op->nto);
ip->mapflg = mapflag;
mapflag = op->mapflg;
-----------------------------------------------------------------------
Summary of changes:
ftp/ftp.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
hooks/post-receive
--
GNU Inetutils
_______________________________________________
Commit-inetutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/commit-inetutils
