Blame afpfs-ng-0.8.1-overflows.patch
|
|
1a9d372 |
Fix possible buffer overflows (given we're copying to storage of AFP_MAX_PATH,
|
|
|
1a9d372 |
while AFP_MAX_PATH is much smaller than PATH_MAX)
|
|
|
1a9d372 |
|
|
|
1a9d372 |
Lubomir Rintel <lkundrak@v3.sk>
|
|
|
1a9d372 |
|
|
|
1a9d372 |
--- afpfs-ng-0.8.1/cmdline/cmdline_afp.c.overflows 2008-10-06 19:21:32.000000000 +0200
|
|
|
1a9d372 |
+++ afpfs-ng-0.8.1/cmdline/cmdline_afp.c 2008-10-06 19:13:50.000000000 +0200
|
|
|
1a9d372 |
@@ -129,9 +129,9 @@
|
|
|
1a9d372 |
{
|
|
|
1a9d372 |
if (filename[0]!='/') {
|
|
|
1a9d372 |
if (strlen(curdir)==1)
|
|
|
1a9d372 |
- snprintf(server_fullname,PATH_MAX,"/%s",filename);
|
|
|
1a9d372 |
+ snprintf(server_fullname,AFP_MAX_PATH,"/%s",filename);
|
|
|
1a9d372 |
else
|
|
|
1a9d372 |
- snprintf(server_fullname,PATH_MAX,"%s/%s",curdir,filename);
|
|
|
1a9d372 |
+ snprintf(server_fullname,AFP_MAX_PATH,"%s/%s",curdir,filename);
|
|
|
1a9d372 |
} else {
|
|
|
1a9d372 |
snprintf(server_fullname,PATH_MAX,"%s",filename);
|
|
|
1a9d372 |
}
|
|
|
1a9d372 |
@@ -1217,7 +1217,7 @@
|
|
|
1a9d372 |
{
|
|
|
1a9d372 |
struct passwd * passwd;
|
|
|
1a9d372 |
|
|
|
1a9d372 |
- snprintf(curdir,PATH_MAX,"%s",DEFAULT_DIRECTORY);
|
|
|
1a9d372 |
+ snprintf(curdir,AFP_MAX_PATH,"%s",DEFAULT_DIRECTORY);
|
|
|
1a9d372 |
if (init_uams()<0) return -1;
|
|
|
1a9d372 |
|
|
|
1a9d372 |
afp_default_url(&url;;
|