Bug#609096: Buffer overflow in xdigger with long argv[0]
Adam D. Barratt
adam at adam-barratt.org.uk
Thu Jan 13 22:27:11 UTC 2011
On Thu, 2011-01-13 at 12:18 +0200, Peter Pentchev wrote:
> On Wed, Jan 12, 2011 at 09:10:53PM +0000, Adam D. Barratt wrote:
> > This change looked a little odd:
[...]
> > + case TON_SCHRITT:
> > +- strcat(name, "/step.au");
> > ++ snprintf(name, sizeof(name), "%s/step.au", XDIGGER_LIB_DIR);
> > ++ strncat(name, "/step.au");
> > + break;
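Review bot: the added `strncat(name, "/step.au");` line in the TON_SCHRITT case passes only two arguments, but strncat() takes a third length argument, so this would not compile; it is also redundant, because the snprintf() on the line above already writes the complete XDIGGER_LIB_DIR/step.au path into name. Drop the strncat() line.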
>
> Oops! The strncat() should not be there, I'll prepare a new upload.
>
> > + case TON_STEINE:
> > +- strcat(name, "/stone.au");
> > ++ snprintf(name, sizeof(name), "%s/stone.au", XDIGGER_LIB_DIR);
> > + break;
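Review bot: the snprintf() in the TON_STEINE case bounds the write to sizeof(name), but its return value is not checked, so an XDIGGER_LIB_DIR too long for name would be silently truncated and a non-existent path used; consider treating a return value of sizeof(name) or more as an error (the same applies to the other cases converted in this patch).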
> >
> > Why have the filenames changed from foo.au to XDIGGER_LIB_DIR/foo.au?
>
> They haven't changed :) A couple of lines above that, the "name" variable
> is initialized to XDIGGER_LIB_DIR, so the strcat() that was there just
> added foo.au to it. The snprintf() does both.
Ah, I see.
> I've corrected the patch to remove the strncat() that I'd put there before
> deciding to change it to snprintf() :)
[...]
> > Have you verified whether the addition of ${misc:Depends} makes any
> > practical difference to the generated binary packages, rather than
> > simply quietening lintian?
>
> Actually, it does not make any difference; I'll remove it.
Thanks.
> > Were the update to xdigger.desktop and the addition of
> > debian/source/format intentional?
>
> Well, the update to xdigger.desktop was done in a sweeping change by
> Paul Wise (pabs) two and a half years ago; I don't know why he didn't
> mention it in the changelog. That was before xdigger was removed from
> unstable and testing, and before there were any thoughts of preparing
> a Lenny-only upload.
>
> Should I document it in the changelog, or revert it from the Subversion
> repository?
One or the other. :-)
> > If so, why aren't they mentioned in
> > the changelog? fwiw, given that the default source format is not going
> > to change in lenny, the source/format change is at best a no-op.
>
> As to the default source format, I initially tried to convert it to
> 3.0 (quilt), but then Ansgar Burchardt kindly reminded me that you would
> not really allow this as a stable update :) So I reverted the 3.0 changes
> and placed 1.0 as the source format name; I could remove it if you'd like,
> no problem, and quite understandable.
Ansgar was correct. :-) It's technically a no-op; I'm not going to
complain (too) loudly if you leave it in.
> Thanks for taking the time to review the changes!
Thanks for taking the time to fix things in lenny.
Regards,
Adam
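The construction Peter describes above (name initialised to XDIGGER_LIB_DIR, file name appended, now done in one snprintf() call) as an added example; this is not xdigger's code, the buffer size and the XDIGGER_LIB_DIR value are constructed, and the truncation check is an addition the patch itself does not show.

```c
#include <stdio.h>
#include <string.h>

/* In xdigger this is a build-time define; a constructed value for the example. */
#ifndef XDIGGER_LIB_DIR
#define XDIGGER_LIB_DIR "/usr/lib/games/xdigger"
#endif

/* Build "<libdir>/<file>" into buf with snprintf(), as the corrected patch
 * does instead of strcat(). snprintf() never writes past buflen, but it
 * returns the length the full string would have needed, so a result of
 * buflen or more means the path was truncated; treat that as an error
 * rather than silently using a wrong file name.
 * Returns 0 on success, -1 on bad arguments or truncation. */
static int sound_path(char *buf, size_t buflen,
                      const char *libdir, const char *file)
{
    int n;

    if (buf == NULL || buflen == 0 || libdir == NULL || file == NULL)
        return -1;

    n = snprintf(buf, buflen, "%s/%s", libdir, file);
    if (n < 0 || (size_t)n >= buflen) {
        buf[0] = '\0';      /* do not leave a truncated path behind */
        return -1;
    }
    return 0;
}

int main(void)
{
    char name[64];      /* constructed size; the real buffer size is not shown */
    char small[16];     /* deliberately too small to hold the path */

    if (sound_path(name, sizeof(name), XDIGGER_LIB_DIR, "step.au") == 0)
        printf("ok:        %s\n", name);
    if (sound_path(small, sizeof(small), XDIGGER_LIB_DIR, "stone.au") != 0)
        printf("truncated: path does not fit in %zu bytes\n", sizeof(small));
    return 0;
}
```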