Package: vifm Version: 0.4-1 Severity: normal Tags: patch User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu jaunty ubuntu-patch
In Ubuntu the vifm package is built with fortify source and this was causing vifm to not to run due to a possible buffer overflow because of an incorrect size in snprintf. For further information see Ubuntu bug http://launchpad.net/bugs/301607. I've attached a patch that resolves the issue and is based on Kjell Braden's work in the same bug report. Additionally, when I was creating an updated Ubuntu package I noticed there were some backup files (README.debian, config.c, debian/rules) in the package that might need some cleaning up. -- Brian Murray @ubuntu.com
--- vifm-0.4.orig/src/color_scheme.c
+++ vifm-0.4/src/color_scheme.c
@@ -44,7 +44,7 @@
load_default_colors()
{
- snprintf(col_schemes[0].name, PATH_MAX, "Default");
+ snprintf(col_schemes[0].name, NAME_MAX, "Default");
snprintf(col_schemes[0].dir, PATH_MAX, "/");
col_schemes[0].color[0].name = MENU_COLOR;
@@ -262,7 +262,7 @@
// sizeof(Col_scheme *) +1);
snprintf(col_schemes[cfg.color_scheme_num].name,
- PATH_MAX, "%s", s1);
+ NAME_MAX, "%s", s1);
cfg.color_scheme_num++;
signature.asc
Description: Digital signature
