Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 162239 Details for
Bug 233929
games-simulation/openttd <0.6.3 TruncateString() Buffer Overflow (CVE-2008-{3547,3576,3577})
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
openttd-0.6.2-truncate-string.patch
openttd-0.6.2-truncate-string.patch (text/plain), 770 bytes, created by
Robert Buchholz (RETIRED)
on 2008-08-05 01:35:05 UTC
(
hide
)
Description:
openttd-0.6.2-truncate-string.patch
Filename:
MIME Type:
Creator:
Robert Buchholz (RETIRED)
Created:
2008-08-05 01:35:05 UTC
Size:
770 bytes
patch
obsolete
>r13700 | rubidium | 2008-07-14 20:22:15 +0200 (Mon, 14 Jul 2008) | 2 lines > >-Fix: possible buffer overflow in string truncation code. > >Index: src/gfx.cpp >=================================================================== >--- src/gfx.cpp (revision 13699) >+++ src/gfx.cpp (revision 13700) >@@ -256,9 +256,10 @@ > w += GetCharacterWidth(size, c); > > if (w >= maxw) { >- /* string got too big... insert dotdotdot */ >- ddd_pos[0] = ddd_pos[1] = ddd_pos[2] = '.'; >- ddd_pos[3] = '\0'; >+ /* string got too big... insert dotdotdot, but make sure we do not >+ * print anything beyond the string termination character. */ >+ for (int i = 0; *ddd_pos != '\0' && i < 3; i++, ddd_pos++) *ddd_pos = '.'; >+ *ddd_pos = '\0'; > return ddd_w; > } > } else {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=162239">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 233929
: 162239 |
162242
