Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 83043 Details for
Bug 127326
media-video/kaffeine buffer overflow (CVE-2006-0051)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
kaffeine-0.7.1-input-http.patch
kaffeine-0.7.1-input-http.patch (text/plain), 3.38 KB, created by
Diego Elio Pettenò (RETIRED)
on 2006-03-24 13:47:31 UTC
(
hide
)
Description:
kaffeine-0.7.1-input-http.patch
Filename:
MIME Type:
Creator:
Diego Elio Pettenò (RETIRED)
Created:
2006-03-24 13:47:31 UTC
Size:
3.38 KB
patch
obsolete
>Index: kaffeine/kaffeine/player-parts/http.c >=================================================================== >--- kaffeine/kaffeine/player-parts/http.c (revision 521094) >+++ kaffeine/kaffeine/player-parts/http.c (working copy) >@@ -308,7 +308,7 @@ static http_t *http_open (const char *mr > > http_t *this; > char *proxy; >- int done,len,linenum; >+ int done,len,linenum,buflen; > char mime_type[BUFSIZE+1]; > > this = malloc (sizeof (http_t)); >@@ -362,13 +362,13 @@ static http_t *http_open (const char *mr > { > char buf[256]; > >- sprintf (buf, "http: opening >/%s< on host >%s<", >+ snprintf (buf, sizeof(buf), "http: opening >/%s< on host >%s<", > this->filename, this->host); > > if (proxy != NULL) >- sprintf(buf, "%s via proxy >%s<", buf, this->proxyhost); >+ snprintf(buf, sizeof(buf), "%s via proxy >%s<", buf, this->proxyhost); > >- sprintf(buf, "%s\n", buf); >+ snprintf(buf, sizeof(buf), "%s\n", buf); > > printf (buf); > } >@@ -389,35 +389,42 @@ static http_t *http_open (const char *mr > > if (proxy != NULL) > if (this->port != DEFAULT_HTTP_PORT) >- sprintf (this->buf, "GET http://%s:%d/%s HTTP/1.0\015\012", >- this->host, this->port, this->filename); >+ snprintf (this->buf, BUFSIZE, "GET http://%s:%d/%s HTTP/1.0\015\012", >+ this->host, this->port, this->filename); > else >- sprintf (this->buf, "GET http://%s/%s HTTP/1.0\015\012", >- this->host, this->filename); >+ snprintf (this->buf, BUFSIZE, "GET http://%s/%s HTTP/1.0\015\012", >+ this->host, this->filename); > else >- sprintf (this->buf, "GET /%s HTTP/1.0\015\012", this->filename); >+ snprintf (this->buf, BUFSIZE, "GET /%s HTTP/1.0\015\012", this->filename); > >+ buflen = strlen(this->buf); > if (this->port != DEFAULT_HTTP_PORT) >- sprintf (this->buf + strlen(this->buf), "Host: %s:%d\015\012", >- this->host, this->port); >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "Host: %s:%d\015\012", >+ this->host, this->port); > else >- sprintf (this->buf + strlen(this->buf), "Host: %s\015\012", >- this->host); >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "Host: %s\015\012", >+ this->host); > >- if (this->proxyuser != NULL) >- sprintf (this->buf + strlen(this->buf), "Proxy-Authorization: Basic %s\015\012", >- this->proxyauth); >+ buflen = strlen(this->buf); >+ if (this->proxyuser != NULL) { >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "Proxy-Authorization: Basic %s\015\012", >+ this->proxyauth); >+ buflen = strlen(this->buf); >+ } > >- if (this->user != NULL) >- sprintf (this->buf + strlen(this->buf), "Authorization: Basic %s\015\012", >- this->auth); >+ if (this->user != NULL) { >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "Authorization: Basic %s\015\012", >+ this->auth); >+ buflen = strlen(this->buf); >+ } > >- sprintf (this->buf + strlen(this->buf), "User-Agent: xine/%s\015\012", >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "User-Agent: xine/%s\015\012", > VERSION); > >- strcat (this->buf, "Accept: */*\015\012"); >- >- strcat (this->buf, "\015\012"); >+ buflen = strlen(this->buf); >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "Accept: */*\015\012"); >+ buflen = strlen(this->buf); >+ snprintf (this->buf + buflen, BUFSIZE - buflen, "\015\012"); > > if (write (this->fh, this->buf, strlen(this->buf)) != (ssize_t)strlen(this->buf)) { > free (this);
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 127326
:
82941
|
83042
| 83043