Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 125783 Details for
Bug 179354
net-irc/eggdrop < 1.6.18-r3 Server Module Private Message Processing Buffer Overflow (CVE-2007-2807)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Fix strcpy to strncpy to avoid buffer overflow
eggdrop.patch (text/plain), 410 bytes, created by
Pierre-Yves Rofes (RETIRED)
on 2007-07-23 20:31:34 UTC
(
hide
)
Description:
Fix strcpy to strncpy to avoid buffer overflow
Filename:
MIME Type:
Creator:
Pierre-Yves Rofes (RETIRED)
Created:
2007-07-23 20:31:34 UTC
Size:
410 bytes
patch
obsolete
>--- servmsg.c 2006-03-28 04:35:51.000000000 +0200 >+++ servmsg.c.new 2007-07-23 22:30:57.000000000 +0200 >@@ -461,7 +461,7 @@ static int gotmsg(char *from, char *msg) > to = newsplit(&msg); > fixcolon(msg); > /* Only check if flood-ctcp is active */ >- strcpy(uhost, from); >+ strncpy(uhost, from, UHOSTLEN); > nick = splitnick(&uhost); > if (flud_ctcp_thr && detect_avalanche(msg)) { > if (!ignoring) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=125783">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 179354
:
125783
|
126537
