[Frugalware-darcs] frugalware-0.6: inotify-tools-3.8-2terminus1-i686

voroskoi voroskoi at frugalware.org
Mon Oct 1 10:55:31 CEST 2007


Darcsweb-Url: http://darcs.frugalware.org/darcsweb/darcsweb.cgi?r=frugalware-0.6;a=darcs_commitdiff;h=20071001084237-dd049-900d2ea7bb1ffd14a11a8ae4bf81e1cc38b238b7.gz;

[inotify-tools-3.8-2terminus1-i686
voroskoi <voroskoi at frugalware.org>**20071001084237
 secfix relbump, closes #2425
] {
addfile ./source/apps-extra/inotify-tools/CVE-2007-5037.diff
hunk ./source/apps-extra/inotify-tools/CVE-2007-5037.diff 1
+--- inotify-tools-3.10/libinotifytools/src/inotifytools.c	2007-05-03 09:28:22.000000000 +0200
++++ inotify-tools-3.11/libinotifytools/src/inotifytools.c	2007-09-16 10:16:14.000000000 +0200
+@@ -1828,7 +1828,7 @@
+ 
+ 		if ( ch1 == 'w' ) {
+ 			if ( filename ) {
+-				strncpy( &out[ind], filename, MAX_STRLEN - ind );
++				strncpy( &out[ind], filename, size - ind );
+ 				ind += strlen(filename);
+ 			}
+ 			++i;
+@@ -1837,7 +1837,7 @@
+ 
+ 		if ( ch1 == 'f' ) {
+ 			if ( eventname ) {
+-				strncpy( &out[ind], eventname, MAX_STRLEN - ind );
++				strncpy( &out[ind], eventname, size - ind );
+ 				ind += strlen(eventname);
+ 			}
+ 			++i;
+@@ -1846,7 +1846,7 @@
+ 
+ 		if ( ch1 == 'e' ) {
+ 			eventstr = inotifytools_event_to_str( event->mask );
+-			strncpy( &out[ind], eventstr, MAX_STRLEN - ind );
++			strncpy( &out[ind], eventstr, size - ind );
+ 			ind += strlen(eventstr);
+ 			++i;
+ 			continue;
+@@ -1869,7 +1869,7 @@
+ 				timestr[0] = 0;
+ 			}
+ 
+-			strncpy( &out[ind], timestr, MAX_STRLEN - ind );
++			strncpy( &out[ind], timestr, size - ind );
+ 			ind += strlen(timestr);
+ 			++i;
+ 			continue;
+@@ -1878,7 +1878,7 @@
+ 		// Check if next char in fmt is e
+ 		if ( i < strlen(fmt) - 2 && fmt[i+2] == 'e' ) {
+ 			eventstr = inotifytools_event_to_str_sep( event->mask, ch1 );
+-			strncpy( &out[ind], eventstr, MAX_STRLEN - ind );
++			strncpy( &out[ind], eventstr, size - ind );
+ 			ind += strlen(eventstr);
+ 			i += 2;
+ 			continue;
hunk ./source/apps-extra/inotify-tools/FrugalBuild 6
-pkgrel=1
+pkgrel=2terminus1
hunk ./source/apps-extra/inotify-tools/FrugalBuild 13
+source=($source CVE-2007-5037.diff)
+sha1sums=('ead89b7bf8402e88909de43831424143a40e9eea' \
+          'b82c4957deada2e133bccb8ad8cd47df2009bbfe')
hunk ./source/apps-extra/inotify-tools/FrugalBuild 17
-sha1sums=('ead89b7bf8402e88909de43831424143a40e9eea')
}


More information about the Frugalware-darcs mailing list