Package: lftp
Version: 3.5.14-1
Severity: minor
Hi,
lftp contains the following code in misc.cc:
189 >··· home=getenv("HOME");
190 }
191 else
192 {
193 >··· // extract user name and find the home
194 >··· int name_len=(sl?sl-s-1:strlen(s+1));
195 >··· char *name=(char*)alloca(name_len+1);
196 >··· strncpy(name,s+1,name_len);
197 >··· name[name_len]=0;
198
199 >··· struct passwd *pw=getpwnam(name);
200 >··· if(pw)
201 >··· home=pw->pw_dir;
202 }
203 if(home==0)
204 >··· return s;
205
206 if(sl)
207 {
208 >··· ret_path=(char*)xrealloc(ret_path,strlen(sl)+strlen(home)+1);This code will segfault if HOME is not set because the return value of getenv is not checked. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgptIvftcwL2k.pgp
Description: PGP signature
