[Fedora-directory-commits] adminutil/tests retrieveSIE.c,1.1,1.2
Richard Allen Megginson (rmeggins)
fedora-directory-commits at redhat.com
Wed Mar 22 23:47:33 UTC 2006
Author: rmeggins
Update of /cvs/dirsec/adminutil/tests
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv11998/adminutil/tests
Modified Files:
retrieveSIE.c
Log Message:
Bug(s) fixed: 186280
Bug Description: Close potential security vulnerabilities in CGI code
Reviewed by: Noriko (Thanks!)
Fix Description: The code was already pretty clean in terms of buffer
access. I added some malloc return checking, used some nspr functions
where applicable, removed some dead code, and fixed a couple of small
memory leaks.
Platforms tested: Fedora Core 5
Flag Day: no
Doc impact: no
QA impact: should be covered by regular nightly and manual testing
New Tests integrated into TET: none
Index: retrieveSIE.c
===================================================================
RCS file: /cvs/dirsec/adminutil/tests/retrieveSIE.c,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- retrieveSIE.c 16 Nov 2005 18:50:21 -0000 1.1
+++ retrieveSIE.c 22 Mar 2006 23:47:25 -0000 1.2
@@ -58,7 +58,8 @@
exit(1);
}
- sprintf(admroot, "%s/admin-serv/config", svrroot);
+ snprintf(admroot, len, "%s/admin-serv/config", svrroot);
+ admroot[len] = '\0';
/*
* get the LDAP information from admin server config info
More information about the Fedora-directory-commits
mailing list