Bug#754945: recode: A possible buffer overflow when the input filename is too long
On Thu, 12 Jan 2017 18:19:51 +0300 Alexander Gerasiov wrote:
> Package: recode
> Version: 3.6-23
> Followup-For: Bug #754945
>
> Another possible solution would be to dynamically allocate a buffer for
> output_name. Please see patch attached.

This is already done in recode 3.7.
Bug#754945: recode: A possible buffer overflow when the input filename is too long
Package: recode
Version: 3.6-23
Followup-For: Bug #754945

Another possible solution would be to dynamically allocate a buffer for output_name. Please see patch attached.

--- a/src/main.c +++ b/src/main.c @@ -847,12 +847,13 @@ for (; optind < argc; optind++) { const char *input_name; - char output_name[200]; /* FIXME: dangerous limit */ + char *output_name; FILE *file; struct stat file_stat; struct utimbuf file_utime; input_name = argv[optind]; + output_name = xmalloc (strlen (input_name) + 17 + 1); /* 17 is up limit for rec%d.tmp where %d is pid_t */ /* Check if the file can be read and rewritten. */ @@ -965,6 +966,7 @@ unlink (output_name); } + free (output_name); } } else
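Review bot: In the first hunk (@@ -847,12), the 17 in `xmalloc (strlen (input_name) + 17 + 1)` is a magic number that only holds while the pid prints in at most 10 characters ("rec" and ".tmp" take 7 of the 17), so a wider pid_t or a value printed with a sign would overrun the heap buffer much as the old 200-byte array could be overrun. Derive the digit count from sizeof (pid_t) or a named constant, and have the code that formats the name (not visible in this hunk) write with an explicit bound against the same size. The comment's "up limit" should read "upper limit".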
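Review bot: The `free (output_name);` added in the second hunk (@@ -965,6) sits at the very end of the loop body, more than a hundred lines after the allocation in the first hunk, so any `continue` or other early exit from the iteration in between would leak the buffer for every file that takes that path. Those lines are not shown in the patch; please confirm no such path exists, or release the buffer on each one.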
Bug#754945: recode: A possible buffer overflow when the input filename is too long
Package: recode
Version: 3.6-20
Severity: normal

Dear Maintainer,

please review and include this patch asap.

Many greetings from Berlin,
Bernard

https://github.com/bernardladenthin/Recode/commit/eb3ec625796e83552715b8a20f10664f38cdcd52

-- System Information:
Debian Release: 7.6
  APT prefers testing-updates
  APT policy: (500, 'testing-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages recode depends on:
ii  dpkg          1.16.15
ii  install-info  4.13a.dfsg.1-10
ii  libc6         2.13-38+deb7u3
ii  librecode0    3.6-20

recode recommends no packages.

recode suggests no packages.

-- no debconf information