rpms/cscope/devel cscope-15.6-incdir-overflow.patch, NONE, 1.1 cscope.spec, 1.37, 1.38
Neil Horman
nhorman at fedoraproject.org
Fri Jun 12 17:52:30 UTC 2009
Author: nhorman
Update of /cvs/extras/rpms/cscope/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv14238
Modified Files:
cscope.spec
Added Files:
cscope-15.6-incdir-overflow.patch
Log Message:
Resolves: bz505605
cscope-15.6-incdir-overflow.patch:
--- NEW FILE cscope-15.6-incdir-overflow.patch ---
diff -pruN cscope-15.6.orig/src/dir.c cscope-15.6/src/dir.c
--- cscope-15.6.orig/src/dir.c 2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/dir.c 2009-06-12 16:56:33.000000000 +0200
@@ -129,7 +129,6 @@ sourcedir(char *dirlist)
/* parse the directory list */
dir = strtok(dirlist, DIRSEPS);
while (dir != NULL) {
- int dir_len = strlen(dir);
addsrcdir(dir);
@@ -139,8 +138,7 @@ sourcedir(char *dirlist)
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - dir_len,
+ snprintf(path, PATHLEN, "%s/%s",
srcdirs[i], dir);
addsrcdir(path);
}
@@ -197,7 +195,6 @@ includedir(char *dirlist)
/* parse the directory list */
dir = strtok(dirlist, DIRSEPS);
while (dir != NULL) {
- size_t dir_len = strlen(dir);
addincdir(dir, dir);
@@ -207,8 +204,7 @@ includedir(char *dirlist)
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - dir_len,
+ snprintf(path, PATHLEN, "%s/%s",
srcdirs[i], dir);
addincdir(dir, path);
}
@@ -480,9 +476,6 @@ static void
scan_dir(const char *adir, BOOL recurse_dir)
{
DIR *dirfile;
- int adir_len = strlen(adir);
-
- /* FIXME: no guards against adir_len > PATHLEN, yet */
if ((dirfile = opendir(adir)) != NULL) {
struct dirent *entry;
@@ -494,8 +487,7 @@ scan_dir(const char *adir, BOOL recurse_
&& (strcmp("..",entry->d_name) != 0)) {
struct stat buf;
- sprintf(path,"%s/%.*s", adir,
- PATHLEN - 2 - adir_len,
+ snprintf(path, PATHLEN, "%s/%s", adir,
entry->d_name);
if (lstat(path,&buf) == 0) {
@@ -599,20 +591,19 @@ incfile(char *file, char *type)
if (type[0] == '"' && (s = inviewpath(file)) != NULL) {
addsrcfile(s);
} else {
- size_t file_len = strlen(file);
/* search for the file in the #include directory list */
for (i = 0; i < nincdirs; ++i) {
/* don't include the file from two directories */
- sprintf(name, "%.*s/%s",
- PATHLEN - 2 - file_len, incnames[i],
+ snprintf(name, PATHLEN, "%s/%s",
+ incnames[i],
file);
if (infilelist(name) == YES) {
break;
}
/* make sure it exists and is readable */
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - file_len, incdirs[i],
+ snprintf(path, PATHLEN, "%s/%s",
+ incdirs[i],
file);
if (access(compath(path), READ) == 0) {
addsrcfile(path);
@@ -655,12 +646,11 @@ inviewpath(char *file)
/* if it isn't a full path name and there is a multi-directory
* view path */
if (*file != '/' && vpndirs > 1) {
- int file_len = strlen(file);
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - file_len, srcdirs[i],
+ snprintf(path, PATHLEN, "%s/%s",
+ srcdirs[i],
file);
if (access(compath(path), READ) == 0) {
return(path);
Index: cscope.spec
===================================================================
RCS file: /cvs/extras/rpms/cscope/devel/cscope.spec,v
retrieving revision 1.37
retrieving revision 1.38
diff -u -p -r1.37 -r1.38
--- cscope.spec 24 Feb 2009 09:59:40 -0000 1.37
+++ cscope.spec 12 Jun 2009 17:51:59 -0000 1.38
@@ -1,7 +1,7 @@
Summary: C source code tree search and browse tool
Name: cscope
Version: 15.6
-Release: 3%{?dist}
+Release: 4%{?dist}
Source0: http://unc.dl.sourceforge.net/sourceforge/cscope/cscope-15.6.tar.gz
URL: http://cscope.sourceforge.net
License: BSD
@@ -18,6 +18,7 @@ Patch1:cscope-15.6-ocs.patch
Patch2:cscope-15.6-xcscope-man.patch
Patch3:cscope-15.6-sigwinch-linemode.patch
Patch4:cscope-15.6-qrebuild.patch
+Patch5:cscope-15.6-incdir-overflow.patch
%description
cscope is a mature, ncurses based, C source code tree browsing tool. It
@@ -33,6 +34,7 @@ matches for use in file editing.
%patch2 -p1
%patch3 -p1
%patch4 -p1
+%patch5 -p1
%build
%configure
@@ -81,6 +83,9 @@ rm -f %{xemacs_lisp_path}/xcscope.el
rm -f %{emacs_lisp_path}/xcscope.el
%changelog
+* Fri Jun 12 2009 Neil Horman <nhorman at redhat.com>
+- Fix some buffer overflows (bz 505605)
+
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 15.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
More information about the fedora-extras-commits
mailing list