rpms/tftp/devel tftp-hpa-0.49-fortify-strcpy-crash.patch, NONE, 1.1 tftp.spec, 1.50, 1.51
Warren Togami 砥上勇
wtogami at fedoraproject.org
Wed Aug 5 14:22:02 UTC 2009
- Previous message (by thread): rpms/syncevolution/devel syncevolution.spec,1.13,1.14
- Next message (by thread): rpms/perl-Catalyst-Plugin-PageCache/F-10 FileCache.pm, NONE, 1.1 perl-Catalyst-Plugin-PageCache.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: wtogami
Update of /cvs/pkgs/rpms/tftp/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv3558
Modified Files:
tftp.spec
Added Files:
tftp-hpa-0.49-fortify-strcpy-crash.patch
Log Message:
Bug #515361 tftp FORTIFY_SOURCE strcpy crash
tftp-hpa-0.49-fortify-strcpy-crash.patch:
tftp.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
--- NEW FILE tftp-hpa-0.49-fortify-strcpy-crash.patch ---
diff -urN tftp-hpa-0.49.orig/tftp/tftp.c tftp-hpa-0.49/tftp/tftp.c
--- tftp-hpa-0.49.orig/tftp/tftp.c 2008-10-20 18:08:31.000000000 -0400
+++ tftp-hpa-0.49/tftp/tftp.c 2009-08-05 09:47:18.072585848 -0400
@@ -279,15 +279,16 @@
struct tftphdr *tp, const char *mode)
{
char *cp;
+ size_t len;
tp->th_opcode = htons((u_short) request);
cp = (char *)&(tp->th_stuff);
- strcpy(cp, name);
- cp += strlen(name);
- *cp++ = '\0';
- strcpy(cp, mode);
- cp += strlen(mode);
- *cp++ = '\0';
+ len = strlen(name) + 1;
+ memcpy(cp, name, len);
+ cp += len;
+ len = strlen(mode) + 1;
+ memcpy(cp, mode, len);
+ cp += len;
return (cp - (char *)tp);
}
Index: tftp.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tftp/devel/tftp.spec,v
retrieving revision 1.50
retrieving revision 1.51
diff -u -p -r1.50 -r1.51
--- tftp.spec 27 Jul 2009 05:53:22 -0000 1.50
+++ tftp.spec 5 Aug 2009 14:22:02 -0000 1.51
@@ -1,7 +1,7 @@
Summary: The client for the Trivial File Transfer Protocol (TFTP)
Name: tftp
Version: 0.49
-Release: 4%{?dist}
+Release: 5%{?dist}
License: BSD
Group: Applications/Internet
Source0: http://www.kernel.org/pub/software/network/tftp/tftp-hpa-%{version}.tar.bz2
@@ -11,6 +11,7 @@ Patch0: tftp-0.40-remap.patch
Patch2: tftp-hpa-0.39-tzfix.patch
Patch3: tftp-0.42-tftpboot.patch
Patch4: tftp-0.49-chk_retcodes.patch
+Patch5: tftp-hpa-0.49-fortify-strcpy-crash.patch
BuildRequires: tcp_wrappers-devel readline-devel
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
@@ -43,6 +44,7 @@ enabled unless it is expressly needed.
%patch2 -p1 -b .tzfix
%patch3 -p1 -b .tftpboot
%patch4 -p1 -b .chk_retcodes
+%patch5 -p1 -b .fortify-strcpy-crash
%build
@@ -88,6 +90,9 @@ rm -rf ${RPM_BUILD_ROOT}
%{_mandir}/man8/*
%changelog
+* Wed Aug 05 2009 Warren Togami <wtogami at redhat.com> - 0.49-5
+- Bug #515361 tftp FORTIFY_SOURCE strcpy crash
+
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.49-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
- Previous message (by thread): rpms/syncevolution/devel syncevolution.spec,1.13,1.14
- Next message (by thread): rpms/perl-Catalyst-Plugin-PageCache/F-10 FileCache.pm, NONE, 1.1 perl-Catalyst-Plugin-PageCache.spec, NONE, 1.1 .cvsignore, 1.1, 1.2 sources, 1.1, 1.2
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list