~ruther/guix-local

ref: 7f7a67ae06e0d1ea19bdcceb9b16466bd7d7134d guix-local/gnu/packages/patches/wordnet-CVE-2008-3908-pt2.patch -rw-r--r-- 668 bytes
7f7a67ae — AndrĂ© Batista gnu: make-torbrowser: Use current ffmpeg version. 1 year, 10 months ago 
                                                                                
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18

This patch was created by oCert according to
 http://www.ocert.org/advisories/ocert-2008-014.html
Unfortunately the original patch contained a bug which was
later fixed by the issuer of the patch Rob Holland <rob@ocert.org>
This part was now separated in this file.

--- a/lib/search.c
+++ b/lib/search.c
@@ -1568,7 +1568,8 @@ char *findtheinfo(char *searchstr, int d
 			bufstart[0] = '\n';
 			bufstart++;
 		    }
-		    strncpy(bufstart, tmpbuf, strlen(tmpbuf));
+                   /* Avoid writing a trailing \0 after the string */
+                   memcpy(bufstart, tmpbuf, strlen(tmpbuf));
 		    bufstart = searchbuffer + strlen(searchbuffer);
 		}
 	    }