Package: vifm Version: 0.4-1 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu jaunty ubuntu-patch
In Ubuntu the vifm package is built with fortify source and this was causing vifm to not to run due to a possible buffer overflow because of an incorrect size in snprintf. For further information see Ubuntu bug http://launchpad.net/bugs/301607. I've attached a patch that resolves the issue and is based on Kjell Braden's work in the same bug report. Additionally, when I was creating an updated Ubuntu package I noticed there were some backup files (README.debian, config.c, debian/rules) in the package that might need some cleaning up. -- Brian Murray @ubuntu.com
--- vifm-0.4.orig/src/color_scheme.c +++ vifm-0.4/src/color_scheme.c @@ -44,7 +44,7 @@ load_default_colors() { - snprintf(col_schemes[0].name, PATH_MAX, "Default"); + snprintf(col_schemes[0].name, NAME_MAX, "Default"); snprintf(col_schemes[0].dir, PATH_MAX, "/"); col_schemes[0].color[0].name = MENU_COLOR; @@ -262,7 +262,7 @@ // sizeof(Col_scheme *) +1); snprintf(col_schemes[cfg.color_scheme_num].name, - PATH_MAX, "%s", s1); + NAME_MAX, "%s", s1); cfg.color_scheme_num++;
signature.asc
Description: Digital signature