Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 209271 Details for
Bug 284431
sci-chemistry/gromacs-4.0.5 buffer overflow issue
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to fix buffer overflow in path
gromacs-4.0.5-path-overflow.patch (text/plain), 3.49 KB, created by
Christoph Junghans (RETIRED)
on 2009-11-04 21:03:13 UTC
(
hide
)
Description:
patch to fix buffer overflow in path
Filename:
MIME Type:
Creator:
Christoph Junghans (RETIRED)
Created:
2009-11-04 21:03:13 UTC
Size:
3.49 KB
patch
obsolete
>fixes bug #284431 taken from upstream stable banch > >From 53a07a791c1b7e4ed832ed4842928ad5139c1f41 Mon Sep 17 00:00:00 2001 >From: kasson <kasson> >Date: Wed, 11 Mar 2009 11:19:09 +0000 >Subject: [PATCH] PK fixed buffer overruns in get_libdir(); some untested strcat() calls remain. > >--- > src/gmxlib/futil.c | 31 ++++++++++++++++--------------- > 1 files changed, 16 insertions(+), 15 deletions(-) > >diff --git a/src/gmxlib/futil.c b/src/gmxlib/futil.c >index e1b60cc..b83b2ea 100644 >--- a/src/gmxlib/futil.c >+++ b/src/gmxlib/futil.c >@@ -52,6 +52,8 @@ > #include "smalloc.h" > #include "statutil.h" > >+#define MAX_PATHBUF 4096 >+ > typedef struct t_pstack { > FILE *fp; > struct t_pstack *prev; >@@ -385,20 +387,19 @@ static bool filename_is_absolute(char *name) > #endif > } > >- > bool get_libdir(char *libdir) > { > char bin_name[512]; > char buf[512]; >- char full_path[512]; >- char test_file[512]; >- char system_path[512]; >+ char full_path[MAX_PATHBUF]; >+ char test_file[MAX_PATHBUF]; >+ char system_path[MAX_PATHBUF]; > char *dir,*ptr,*s,*pdum; > bool found=FALSE; > int i; > > /* First - detect binary name */ >- strcpy(bin_name,Program()); >+ strncpy(bin_name,Program(),512); > > /* On windows & cygwin we need to add the .exe extension > * too, or we wont be able to detect that the file exists >@@ -409,7 +410,7 @@ bool get_libdir(char *libdir) > #endif > > /* Only do the smart search part if we got a real name */ >- if (NULL!=bin_name && strcmp(bin_name,"GROMACS")) { >+ if (NULL!=bin_name && strncmp(bin_name,"GROMACS",512)) { > > if (!strchr(bin_name,DIR_SEPARATOR)) { > /* No slash or backslash in name means it must be in the path - search it! */ >@@ -435,11 +436,11 @@ bool get_libdir(char *libdir) > * name is relative to the current dir > */ > pdum=getcwd(buf,sizeof(buf)-1); >- strcpy(full_path,buf); >+ strncpy(full_path,buf,MAX_PATHBUF); > strcat(full_path,"/"); > strcat(full_path,bin_name); > } else { >- strcpy(full_path,bin_name); >+ strncpy(full_path,bin_name,MAX_PATHBUF); > } > > /* Now we should have a full path and name in full_path, >@@ -450,9 +451,9 @@ bool get_libdir(char *libdir) > buf[i]='\0'; > /* If it doesn't start with "/" it is relative */ > if (buf[0]!=DIR_SEPARATOR) { >- strcpy(strrchr(full_path,DIR_SEPARATOR)+1,buf); >+ strncpy(strrchr(full_path,DIR_SEPARATOR)+1,buf,MAX_PATHBUF); > } else >- strcpy(full_path,buf); >+ strncpy(full_path,buf,MAX_PATHBUF); > } > #endif > >@@ -489,10 +490,10 @@ const char *low_libfn(const char *file, bool bFatal) > const char *ret=NULL; > char *lib,*dir; > static char buf[1024]; >- static char libpath[4096]; >+ static char libpath[MAX_PATHBUF]; > static int bFirst=1; > static bool env_is_set; >- char *s,tmppath[4096]; >+ char *s,tmppath[MAX_PATHBUF]; > bool found; > > if (bFirst) { >@@ -500,10 +501,10 @@ const char *low_libfn(const char *file, bool bFatal) > lib=getenv("GMXLIB"); > if (lib != NULL) { > env_is_set=TRUE; >- strcpy(libpath,lib); >+ strncpy(libpath,lib,MAX_PATHBUF); > } > else if (!get_libdir(libpath)) >- strcpy(libpath,GMXLIBDIR); >+ strncpy(libpath,GMXLIBDIR,MAX_PATHBUF); > > bFirst=0; > } >@@ -512,7 +513,7 @@ const char *low_libfn(const char *file, bool bFatal) > ret=file; > else { > found=FALSE; >- strcpy(tmppath,libpath); >+ strncpy(tmppath,libpath,MAX_PATHBUF); > s=tmppath; > while(!found && (dir=strtok(s,PATH_SEPARATOR))!=NULL) { > sprintf(buf,"%s%c%s",dir,DIR_SEPARATOR,file); >-- >1.6.5.GIT >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 284431
:
203754
|
203756
| 209271