tag 443913 patch etch
thanks
This problem is fixed in unstable by uploading the new upstream
version (3.11-1). A fix for etch is awaitng the security team.
Patch for version 3.3-1 attached
//Makholm
diff -Naur inotify-tools-3.3-orig/libinotifytools/src/inotifytools.c inotify-tools-3.3/libinotifytools/src/inotifytools.c
--- inotify-tools-3.3-orig/libinotifytools/src/inotifytools.c 2006-10-29 09:44:06.0 +0100
+++ inotify-tools-3.3/libinotifytools/src/inotifytools.c 2007-09-25 07:49:10.768454036 +0200
@@ -1634,7 +1634,7 @@
if ( ch1 == 'w' ) {
if ( filename ) {
-strncpy( &out[ind], filename, MAX_STRLEN - ind );
+strncpy( &out[ind], filename, size - ind );
ind += strlen(filename);
}
++i;
@@ -1643,7 +1643,7 @@
if ( ch1 == 'f' ) {
if ( eventname ) {
-strncpy( &out[ind], eventname, MAX_STRLEN - ind );
+strncpy( &out[ind], eventname, size - ind );
ind += strlen(eventname);
}
++i;
@@ -1652,7 +1652,7 @@
if ( ch1 == 'e' ) {
eventstr = inotifytools_event_to_str( event->mask );
- strncpy( &out[ind], eventstr, MAX_STRLEN - ind );
+ strncpy( &out[ind], eventstr, size - ind );
ind += strlen(eventstr);
++i;
continue;
@@ -1675,7 +1675,7 @@
timestr[0] = 0;
}
- strncpy( &out[ind], timestr, MAX_STRLEN - ind );
+ strncpy( &out[ind], timestr, size - ind );
ind += strlen(timestr);
++i;
continue;
@@ -1684,7 +1684,7 @@
// Check if next char in fmt is e
if ( i < strlen(fmt) - 2 && fmt[i+2] == 'e' ) {
eventstr = inotifytools_event_to_str_sep( event->mask, ch1 );
- strncpy( &out[ind], eventstr, MAX_STRLEN - ind );
+ strncpy( &out[ind], eventstr, size - ind );
ind += strlen(eventstr);
i += 2;
continue;