Bug#497649: Broken security patch for WordNet

Nico Golde nion at debian.org
Fri Sep 5 13:47:55 UTC 2008

Hi Andreas,
* Andreas Tille <tillea at rki.de> [2008-09-05 15:40]:
>   This part of the patch is completely broken, breaks funktionality of
>      wordnet test -synsn
>   and I really wonder in how far a "strcpy(bufstart, tmpbuf);" is a
>   security fix compared to "strncpy(bufstart, tmpbuf, strlen(tmpbuf));"
>   Who did this patch????

As far as I know this was part of the patch by oCert. 
However its not a security fix but just a cleanup as both 
function calls are equal.

Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/debian-science-maintainers/attachments/20080905/c6b2fe3a/attachment-0001.pgp 

More information about the debian-science-maintainers mailing list