Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 94955 Details for
Bug 144861
media-sound/streamripper remote buffer overflows (CVE-2006-3124)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
streamripper-1.61.25-CVE-2006-3124
streamripper-1.61.25-CVE-2006-3124.patch (text/plain), 1.05 KB, created by
Thomas Cort (RETIRED)
on 2006-08-23 11:43:54 UTC
(
hide
)
Description:
streamripper-1.61.25-CVE-2006-3124
Filename:
MIME Type:
Creator:
Thomas Cort (RETIRED)
Created:
2006-08-23 11:43:54 UTC
Size:
1.05 KB
patch
obsolete
>diff -urN streamripper-1.61.25.orig/lib/http.c streamripper-1.61.25/lib/http.c >--- streamripper-1.61.25.orig/lib/http.c 2006-08-23 14:30:12.000000000 -0400 >+++ streamripper-1.61.25/lib/http.c 2006-08-23 14:31:20.000000000 -0400 >@@ -275,7 +275,7 @@ > int rc; > char *start; > char versionbuf[64]; >- char stempbr[50]; >+ char stempbr[MAX_ICY_STRING]; > URLINFO url_info; > int url_path_len; > int content_type_by_url; >@@ -394,7 +394,7 @@ > else if ((start = (char *)strstr(header, "SHOUTcast")) != NULL) { > strcpy(info->server, "SHOUTcast/"); > if ((start = (char *)strstr(start, "Server/")) != NULL) { >- sscanf(start, "Server/%[^<]<", versionbuf); >+ sscanf(start, "Server/%63[^<]<", versionbuf); > strcat(info->server, versionbuf); > } > >@@ -412,7 +412,7 @@ > if (!info->server[0]) { > strcpy(info->server, "icecast/"); > if ((start = (char *)strstr(start, "version ")) != NULL) { >- sscanf(start, "version %[^<]<", versionbuf); >+ sscanf(start, "version %63[^<]<", versionbuf); > strcat(info->server, versionbuf); > } > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=94955">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 144861
:
94940
|
94954
| 94955
