Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 159737 Details for
Bug 229157
net-im/tmsnc <0.3.2-r1 UBX Stack-based buffer overflow (CVE-2008-2828)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
tmsnc-UBX-buffer-overflow-CVE-2008-2828
core_net.c.patch (text/plain), 600 bytes, created by
Pierre-Yves Rofes (RETIRED)
on 2008-07-06 21:25:22 UTC
(
hide
)
Description:
tmsnc-UBX-buffer-overflow-CVE-2008-2828
Filename:
MIME Type:
Creator:
Pierre-Yves Rofes (RETIRED)
Created:
2008-07-06 21:25:22 UTC
Size:
600 bytes
patch
obsolete
>--- core_net.c 2006-10-17 13:09:56.000000000 +0200 >+++ core_net.c.new 2008-06-20 14:59:42.000000000 +0200 >@@ -845,11 +845,14 @@ > i = atoi(ptr[0]); > free(ptr[0]); > >+ if(i < 0 || i > sizeof(buf) - 1) >+ i = sizeof(buf) - 1; > if (read(session->sd, buf, i) != i) { > strncpy(message, "Couldn't read UBX payload", > message_len - 1); > return -1; > } >+ buf[sizeof(buf) - 1] = 0; > // parsing PSM, by gfhuang > if(0 == i) buf[0] = 0; //important, by gfhuang, when i=0, buf is untouched! >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=159737">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 229157
: 159737
