On Mon, Nov 10, 2008 at 20:35, Aaron Griffin <[email protected]> wrote: > On Mon, Nov 10, 2008 at 12:24 PM, Johannes Krampf > <[email protected]> wrote: >> Hi, >> >> I've found a small compatibility problem and static checking a minor >> buffer overflow in libdownload. Please excuse if this should already >> be fixed in git. >> >> Here's the patch, <stdint.h> is included for uintptr_t and fscanf >> writes a trailing \0, therefore requiring 1025 bytes in the worst >> case: > > Just an FYI, NetBSD's libfetch code compiles on linux with a minor > modification. So I think we're planning on switching to that.
...and that bug is fixed there long before in FreeBSD's libfetch. Thanks for info, Aaron! I wasn't aware that NetBSD has their own libfetch. Looks like NetBSD's libfetch was heavily reworked in some places, including some new features added. The only thing it's missing from FreeBSD's lbfetch is support for HTTP 1.1 If-Modified-Since behavior (which was only added less than 2 weeks ago). There's one Linux-compatability fix after 2.20: http://cvsweb.se.netbsd.org/cgi-bin/bsdweb.cgi/pkgsrc/net/libfetch/files/ftp.c.diff?r1=1.24;r2=1.25 Not sure if it's important enough for us though. -- Roman Kyrylych (Роман Кирилич) _______________________________________________ pacman-dev mailing list [email protected] http://archlinux.org/mailman/listinfo/pacman-dev
