Diffstat (limited to 'source/xap/gnuchess/xboard.buffer_overflow_fix.diff')
-rw-r--r-- | source/xap/gnuchess/xboard.buffer_overflow_fix.diff | 95 |
1 files changed, 95 insertions, 0 deletions
diff --git a/source/xap/gnuchess/xboard.buffer_overflow_fix.diff b/source/xap/gnuchess/xboard.buffer_overflow_fix.diff
new file mode 100644
index 00000000..f36d36ba
--- /dev/null
+++ b/source/xap/gnuchess/xboard.buffer_overflow_fix.diff
@@ -0,0 +1,95 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## 09_fix_-icshost_buffer_overflow.dpatch by Florian Ernst <florian@debian.org>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: Of minor importance, though, as there is probably no attack vector
+## DP: See bug#343560
+
+@DPATCH@
+diff -urNad xboard-4.2.7~/backend.c xboard-4.2.7/backend.c
+--- xboard-4.2.7~/backend.c 2003-11-28 10:37:36.000000000 +0100
++++ xboard-4.2.7/backend.c 2005-12-16 22:19:16.000000000 +0100
+@@ -692,7 +692,7 @@
+ sprintf(buf, "Could not open comm port %s",
+ appData.icsCommPort);
+ } else {
+- sprintf(buf, "Could not connect to host %s, port %s",
++ snprintf(buf, sizeof(buf), "Could not connect to host %s, port %s",
+ appData.icsHost, appData.icsPort);
+ }
+ DisplayFatalError(buf, err, 1);
+@@ -869,18 +869,18 @@
+ } else if (*appData.gateway != NULLCHAR) {
+ if (*appData.remoteShell == NULLCHAR) {
+ /* Use the rcmd protocol to run telnet program on a gateway host */
+- sprintf(buf, "%s %s %s",
++ snprintf(buf, sizeof(buf), "%s %s %s",
+ appData.telnetProgram, appData.icsHost, appData.icsPort);
+ return OpenRcmd(appData.gateway, appData.remoteUser, buf, &icsPR);
+
+ } else {
+ /* Use the rsh program to run telnet program on a gateway host */
+ if (*appData.remoteUser == NULLCHAR) {
+- sprintf(buf, "%s %s %s %s %s", appData.remoteShell,
++ snprintf(buf, sizeof(buf), "%s %s %s %s %s", appData.remoteShell,
+ appData.gateway, appData.telnetProgram,
+ appData.icsHost, appData.icsPort);
+ } else {
+- sprintf(buf, "%s %s -l %s %s %s %s",
++ snprintf(buf, sizeof(buf), "%s %s -l %s %s %s %s",
+ appData.remoteShell, appData.gateway,
+ appData.remoteUser, appData.telnetProgram,
+ appData.icsHost, appData.icsPort);
+@@ -1684,7 +1684,7 @@
+
+ if (loggedOn && !have_set_title && ics_handle[0] != NULLCHAR) {
+ char buf[MSG_SIZ];
+- sprintf(buf, "%s@%s", ics_handle, appData.icsHost);
++ snprintf(buf, sizeof(buf), "%s@%s", ics_handle, appData.icsHost);
+ DisplayIcsInteractionTitle(buf);
+ have_set_title = TRUE;
+ }
+@@ -4882,7 +4882,7 @@
+ SendToProgram(buf, cps);
+ }
+ if (cps->sendICS) {
+- sprintf(buf, "ics %s\n", appData.icsActive ? appData.icsHost : "-");
++ snprintf(buf, sizeof(buf), "ics %s\n", appData.icsActive ? appData.icsHost : "-");
+ SendToProgram(buf, cps);
+ }
+ cps->maybeThinking = FALSE;
+diff -urNad xboard-4.2.7~/xboard.c xboard-4.2.7/xboard.c
+--- xboard-4.2.7~/xboard.c 2003-11-19 09:42:18.000000000 +0100
++++ xboard-4.2.7/xboard.c 2005-12-16 22:19:16.000000000 +0100
+@@ -6734,8 +6734,8 @@
+ strcpy(icon, text);
+ strcpy(title, text);
+ } else if (appData.icsActive) {
+- sprintf(icon, "%s", appData.icsHost);
+- sprintf(title, "%s: %s", programName, appData.icsHost);
++ snprintf(icon, sizeof(icon), "%s", appData.icsHost);
++ snprintf(title, sizeof(title), "%s: %s", programName, appData.icsHost);
+ } else if (appData.cmailGameName[0] != NULLCHAR) {
+ sprintf(icon, "%s", "CMail");
+ sprintf(title, "%s: %s", programName, "CMail");
+@@ -6804,7 +6804,7 @@
+ } else {
+ fprintf(stderr, "%s: %s: %s\n",
+ programName, message, strerror(error));
+- sprintf(buf, "%s: %s", message, strerror(error));
++ snprintf(buf, sizeof(buf), "%s: %s", message, strerror(error));
+ message = buf;
+ }
+ if (appData.popupExitMessage && boardWidget && XtIsRealized(boardWidget)) {
+@@ -7488,9 +7488,9 @@
+ char cmdLine[MSG_SIZ];
+
+ if (port[0] == NULLCHAR) {
+- sprintf(cmdLine, "%s %s", appData.telnetProgram, host);
++ snprintf(cmdLine, sizeof(cmdLine), "%s %s", appData.telnetProgram, host);
+ } else {
+- sprintf(cmdLine, "%s %s %s", appData.telnetProgram, host, port);
++ snprintf(cmdLine, sizeof(cmdLine), "%s %s %s", appData.telnetProgram, host, port);
+ }
+ return StartChildProcess(cmdLine, "", pr);
+ } |
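Review bot: At the command-building sites (the `@@ -869` hunk of backend.c, whose `buf` goes to `OpenRcmd`, and the `@@ -7488` hunk of xboard.c, whose `cmdLine` goes to `StartChildProcess`), `snprintf` prevents the overflow but truncates silently, so an over-long host or port produces a cut-off command line that is still executed. Those sites should check the result and fail rather than run the shortened command, e.g. `n = snprintf(cmdLine, sizeof(cmdLine), ...); if (n < 0 || (size_t)n >= sizeof(cmdLine))` followed by an error return. The sibling branch at `@@ -692` still uses an unbounded `sprintf(buf, "Could not open comm port %s", appData.icsCommPort)`, and `strcpy(icon, text)` / `strcpy(title, text)` at `@@ -6734` are untouched; if those values can also be long, they need the same bound. `sizeof(buf)`, `sizeof(icon)` and `sizeof(title)` are correct only where those names are arrays in scope; the declarations lie outside the hunks except for `buf[MSG_SIZ]` at `@@ -1684` and `cmdLine[MSG_SIZ]` at `@@ -7488`, so that is worth confirming against the full files.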