~ubuntu-branches/debian/wheezy/tweak/wheezy
» Revision
5
: debian/patches/02_avoid_buffer_overflows.dpatch
« back to all changes in this revision
Viewing changes to debian/patches/02_avoid_buffer_overflows.dpatch
- browse files at revision 5
- compare with another revision
- download diff
- download tarball
- view history from revision 5
- Committer: Package Import Robot
- Author(s): Daniel Kahn Gillmor
- Date: 2012-03-04 19:37:53 UTC
- Revision ID: package-import@ubuntu.com-20120304193753-jnid7ekl6wkag63d
Tags: 3.01-8
* debian/control: bump Standards-Version to 3.9.3 (no changes needed),
change Vcs- fields.
* debian/rules: minimize, move to dh 8
* convert source format to '3.0 (quilt)' (dropping dpatch build-dep)
* drop halibut build-dep in favor of shipping upstream's man page and
documentation directly.
change Vcs- fields.
* debian/rules: minimize, move to dh 8
* convert source format to '3.0 (quilt)' (dropping dpatch build-dep)
* drop halibut build-dep in favor of shipping upstream's man page and
documentation directly.
- files added:
- .pc
- .pc/01_fix_464628_with_svn_7478
- .pc/02_avoid_buffer_overflows
- debian/source
- files removed:
- debian/patches/00list
- files modified:
- actions.c
- debian/tweak-wrapper *
added
removed
debian/patches/02_avoid_buffer_overflows.dpatch
1
#! /bin/sh /usr/share/dpatch/dpatch-run
2
## 02_avoid_buffer_overflows.dpatch by Daniel Kahn Gillmor <dkg@fifthhorseman.net>
3
##
4
## All lines beginning with `## DP:' are a description of the patch.
5
## DP: Cleaning up all strcpy, strcat, and sprintf invocations to avoid
6
## DP: common buffer overflows at least.
7
8
@DPATCH@
9
diff -urNad tweak~/actions.c tweak/actions.c
10
--- tweak~/actions.c 2007-03-14 00:42:05.000000000 -0400
11
+++ tweak/actions.c 2008-03-16 20:06:29.796165664 -0400
12
@@ -139,14 +139,14 @@
13
if (!backed_up) {
14
if (!backup_file()) {
15
display_beep();
16
- strcpy (message, "Unable to back up file!");
17
+ strncpy (message, "Unable to back up file!", sizeof(message) - 1);
18
return;
19
}
20
backed_up = TRUE;
21
}
22
if (!save_file()) {
23
display_beep();
24
- strcpy (message, "Unable to save file!");
25
+ strncpy (message, "Unable to save file!", sizeof(message) - 1);
26
return;
27
}
28
modified = FALSE;
29
@@ -292,7 +292,7 @@
30
static void act_togins(void) {
31
if (look_mode || fix_mode) {
32
display_beep();
33
- sprintf(message, "Can't engage Insert mode when in %s mode",
34
+ snprintf(message, sizeof(message), "Can't engage Insert mode when in %s mode",
35
(look_mode ? "LOOK" : "FIX"));
36
insert_mode = FALSE; /* safety! */
37
} else
38
@@ -312,7 +312,7 @@
39
40
if (look_mode) {
41
display_beep();
42
- strcpy (message, "Can't modify file in LOOK mode");
43
+ strncpy (message, "Can't modify file in LOOK mode", sizeof(message - 1));
44
return;
45
}
46
47
@@ -325,14 +325,14 @@
48
last_char -= 'a'-10;
49
else {
50
display_beep();
51
- strcpy(message, "Not a valid character when in hex editing mode");
52
+ strncpy(message, "Not a valid character when in hex editing mode", sizeof(message) - 1);
53
return;
54
}
55
}
56
57
if ( (!insert || edit_type == 2) && cur_pos == file_size) {
58
display_beep();
59
- strcpy(message, "End of file reached");
60
+ strncpy(message, "End of file reached", sizeof(message) - 1);
61
return;
62
}
63
64
@@ -365,7 +365,7 @@
65
modified = TRUE;
66
} else {
67
display_beep();
68
- strcpy(message, "End of file reached");
69
+ strncpy(message, "End of file reached", sizeof(message) - 1);
70
}
71
act_right();
72
}
73
@@ -373,7 +373,7 @@
74
static void act_delete(void) {
75
if (!insert_mode || (edit_type!=2 && cur_pos==0)) {
76
display_beep();
77
- strcpy (message, "Can't delete while not in Insert mode");
78
+ strncpy (message, "Can't delete while not in Insert mode", sizeof(message) - 1);
79
} else if (cur_pos > 0 || edit_type == 2) {
80
act_left();
81
buf_delete (filedata, 1, cur_pos);
82
@@ -386,7 +386,7 @@
83
static void act_delch(void) {
84
if (!insert_mode) {
85
display_beep();
86
- strcpy (message, "Can't delete while not in Insert mode");
87
+ strncpy (message, "Can't delete while not in Insert mode", sizeof(message) - 1);
88
} else if (cur_pos < file_size) {
89
buf_delete (filedata, 1, cur_pos);
90
file_size--;
91
@@ -398,7 +398,7 @@
92
static void act_mark (void) {
93
if (look_mode) {
94
display_beep();
95
- strcpy (message, "Can't cut or paste in LOOK mode");
96
+ strncpy (message, "Can't cut or paste in LOOK mode", sizeof(message) - 1);
97
marking = FALSE; /* safety */
98
return;
99
}
100
@@ -411,12 +411,12 @@
101
102
if (!marking || mark_point==cur_pos) {
103
display_beep();
104
- strcpy (message, "Set mark first");
105
+ strncpy (message, "Set mark first", sizeof(message) - 1);
106
return;
107
}
108
if (!insert_mode) {
109
display_beep();
110
- strcpy (message, "Can't cut while not in Insert mode");
111
+ strncpy (message, "Can't cut while not in Insert mode", sizeof(message) - 1);
112
return;
113
}
114
marktop = cur_pos;
115
@@ -444,7 +444,7 @@
116
117
if (!marking) {
118
display_beep();
119
- strcpy (message, "Set mark first");
120
+ strncpy (message, "Set mark first", sizeof(message) - 1);
121
return;
122
}
123
marktop = cur_pos;
124
@@ -466,7 +466,7 @@
125
if (!insert_mode) {
126
if (cur_pos + cutsize > file_size) {
127
display_beep();
128
- strcpy (message, "Too close to end of file to paste");
129
+ strncpy (message, "Too close to end of file to paste", sizeof(message) - 1);
130
return;
131
}
132
buf_delete (filedata, cutsize, cur_pos);
133
@@ -500,13 +500,13 @@
134
position = parse_num (buffer, &error);
135
if (error) {
136
display_beep();
137
- strcpy (message, "Unable to parse position value");
138
+ strncpy (message, "Unable to parse position value", sizeof(message) - 1);
139
return;
140
}
141
142
if (position < 0 || position > file_size) {
143
display_beep();
144
- strcpy (message, "Position is outside bounds of file");
145
+ strncpy (message, "Position is outside bounds of file", sizeof(message) - 1);
146
return;
147
}
148
149
@@ -537,7 +537,7 @@
150
if (!get_str(last_search ? withdef : withoutdef, buffer, TRUE))
151
return 0; /* user break */
152
if (!last_search && !*buffer) {
153
- strcpy (message, "Search aborted.");
154
+ strncpy (message, "Search aborted.", sizeof(message) - 1);
155
return 0;
156
}
157
158
@@ -547,7 +547,7 @@
159
len = parse_quoted (buffer);
160
if (len == -1) {
161
display_beep();
162
- strcpy (message, "Invalid escape sequence in search string");
163
+ strncpy (message, "Invalid escape sequence in search string", sizeof(message) - 1);
164
return 0;
165
}
166
if (last_search)
167
@@ -597,7 +597,7 @@
168
}
169
}
170
}
171
- strcpy (message, "Not found.");
172
+ strncpy (message, "Not found.", sizeof(message) - 1);
173
}
174
175
static void act_search_backwards (void) {
176
@@ -643,7 +643,7 @@
177
}
178
}
179
}
180
- strcpy (message, "Not found.");
181
+ strncpy (message, "Not found.", sizeof(message) - 1);
182
}
183
184
static void act_recentre (void) {
185
@@ -660,13 +660,13 @@
186
fileoffset_t new_top;
187
int error;
188
189
- sprintf (prompt, "Enter screen width in bytes (now %"OFF"d): ", width);
190
+ snprintf (prompt, sizeof(prompt), "Enter screen width in bytes (now %"OFF"d): ", width);
191
if (!get_str (prompt, buffer, FALSE))
192
return;
193
w = parse_num (buffer, &error);
194
if (error) {
195
display_beep();
196
- strcpy (message, "Unable to parse width value");
197
+ strncpy (message, "Unable to parse width value", sizeof(message) - 1);
198
return;
199
}
200
if (w > 0) {
201
@@ -686,14 +686,14 @@
202
fileoffset_t new_top;
203
int error;
204
205
- sprintf (prompt, "Enter start-of-file offset in bytes (now %"OFF"d): ",
206
+ snprintf (prompt, sizeof(prompt), "Enter start-of-file offset in bytes (now %"OFF"d): ",
207
realoffset);
208
if (!get_str (prompt, buffer, FALSE))
209
return;
210
o = parse_num (buffer, &error);
211
if (error) {
212
display_beep();
213
- strcpy (message, "Unable to parse offset value");
214
+ strncpy (message, "Unable to parse offset value", sizeof(message) - 1);
215
return;
216
}
217
if (o >= 0) {
218
diff -urNad tweak~/keytab.c tweak/keytab.c
219
--- tweak~/keytab.c 2007-03-14 00:42:05.000000000 -0400
220
+++ tweak/keytab.c 2008-03-16 20:06:29.796165664 -0400
221
@@ -60,17 +60,18 @@
222
223
/*
224
* Format an ASCII code into a printable description of the key stroke.
225
+ * should use no more than 8 chars -- make sure s has room for 8 chars!
226
*/
227
static void strkey (char *s, int k) {
228
k &= 255; /* force unsigned */
229
if (k==27)
230
- strcpy(s, " ESC");
231
+ strncpy(s, " ESC", 8);
232
else if (k<32 || k==127)
233
- sprintf(s, " ^%c", k ^ 64);
234
+ snprintf(s, 8, " ^%c", k ^ 64);
235
else if (k<127)
236
- sprintf(s, " %c", k);
237
+ snprintf(s, 8, " %c", k);
238
else
239
- sprintf(s, " <0x%2X>", k);
240
+ snprintf(s, 8, " <0x%2X>", k);
241
}
242
243
/*
244
@@ -88,7 +89,7 @@
245
#if defined(unix) && !defined(GO32)
246
safe_update = FALSE;
247
#endif
248
- strcpy(message, "Unknown key sequence");
249
+ strncpy(message, "Unknown key sequence", sizeof(message));
250
strkey(message+strlen(message), last_char);
251
kt = base[(unsigned char) last_char];
252
if (!kt) {
253
diff -urNad tweak~/main.c tweak/main.c
254
--- tweak~/main.c 2008-03-16 20:06:29.296137168 -0400
255
+++ tweak/main.c 2008-03-16 20:06:29.796165664 -0400
256
@@ -318,7 +318,7 @@
257
void fix_offset(void) {
258
if (3*width+11 > display_cols) {
259
width = (display_cols-11) / 3;
260
- sprintf (message, "Width reduced to %"OFF"d to fit on the screen", width);
261
+ snprintf (message, sizeof(message), "Width reduced to %"OFF"d to fit on the screen", width);
262
}
263
if (4*width+14 > display_cols) {
264
ascii_enabled = FALSE;
265
@@ -347,7 +347,7 @@
266
display_define_colour(COL_INVALID, 11, 0, FALSE);
267
268
for (i=0; i<256; i++) {
269
- sprintf(hex[i], "%02X", i);
270
+ snprintf(hex[i], 3, "%02X", i);
271
toprint[i] = (i>=32 && i<127 ? i : '.');
272
}
273
}
274
@@ -384,12 +384,12 @@
275
}
276
fclose (fp);
277
assert(file_size == buf_length(filedata));
278
- sprintf(message, "loaded %s (size %"OFF"d == 0x%"OFF"X).",
279
+ snprintf(message, sizeof(message), "loaded %s (size %"OFF"d == 0x%"OFF"X).",
280
fname, file_size, file_size);
281
} else {
282
filedata = buf_new_from_file(fp);
283
file_size = buf_length(filedata);
284
- sprintf(message, "opened %s (size %"OFF"d == 0x%"OFF"X).",
285
+ snprintf(message, sizeof(message), "opened %s (size %"OFF"d == 0x%"OFF"X).",
286
fname, file_size, file_size);
287
}
288
new_file = FALSE;
289
@@ -400,7 +400,7 @@
290
exit (1);
291
}
292
filedata = buf_new_empty();
293
- sprintf(message, "New file %s.", fname);
294
+ snprintf(message, sizeof(message), "New file %s.", fname);
295
new_file = TRUE;
296
}
297
}
298
@@ -445,9 +445,10 @@
299
300
if (new_file)
301
return TRUE; /* unnecessary - pretend it's done */
302
- strcpy (backup_name, filename);
303
+ backup_name[sizeof(backup_name) - 1] = '\0'; /* ensure null termination */
304
+ strncpy (backup_name, filename, sizeof(backup_name) - 1);
305
#if defined(unix) && !defined(GO32)
306
- strcat (backup_name, ".bak");
307
+ strncat (backup_name, ".bak", sizeof(backup_name) - (strlen(backup_name) + 1));
308
#elif defined(MSDOS)
309
{
310
char *p, *q;
311
@@ -605,7 +606,7 @@
312
int slen;
313
display_moveto (display_rows-2, 0);
314
display_set_colour(COL_STATUS);
315
- sprintf(status, statfmt,
316
+ snprintf(status, sizeof(status), statfmt,
317
(modified ? "**" : " "),
318
filename,
319
(insert_mode ? "(Insert)" :
320
@@ -691,7 +692,7 @@
321
} else if (c == 27 || c == 7) {
322
display_beep();
323
display_post_error();
324
- strcpy (message, "User Break!");
325
+ strncpy (message, "User Break!", sizeof(message));
326
return FALSE;
327
}
328
329
@@ -760,7 +761,7 @@
330
init();
331
#else
332
display_beep();
333
- strcpy(message, "Suspend function not yet implemented.");
334
+ strncpy(message, "Suspend function not yet implemented.", sizeof(message));
335
#endif
336
}
337
338
diff -urNad tweak~/rcfile.c tweak/rcfile.c
339
--- tweak~/rcfile.c 2007-03-14 00:42:05.000000000 -0400
340
+++ tweak/rcfile.c 2008-03-16 20:08:05.301608209 -0400
341
@@ -148,11 +148,12 @@
342
int lineno = 0;
343
int errors = FALSE, errors_here;
344
345
+ rcname[sizeof(rcname) - 1] = '\0'; /* ensure null termination */
346
#if defined(unix) && !defined(GO32)
347
rcname[0] = '\0';
348
if (getenv("HOME"))
349
- strcpy (rcname, getenv("HOME"));
350
- strcat (rcname, "/.tweakrc");
351
+ strncpy (rcname, getenv("HOME"), sizeof(rcname) - 1);
352
+ strncat (rcname, "/.tweakrc", sizeof(rcname) - (1 + strlen(rcname)));
353
#elif defined(MSDOS)
354
/*
355
* Use environment variable TWEAKRC if set. Otherwise, look for
356
@@ -160,19 +161,19 @@
357
* and failing everything else, try C:\TWEAK\TWEAK.RC.
358
*/
359
if (getenv("TWEAKRC"))
360
- strcpy (rcname, getenv("TWEAKRC"));
361
+ strncpy (rcname, getenv("TWEAKRC"), sizeof(rcname) - 1);
362
else {
363
if ( (q = strrchr(pname, '\\')) != NULL) {
364
FILE *tempfp;
365
366
strncpy (rcname, pname, q+1-pname);
367
- strcpy (rcname+(q+1-pname), "TWEAK.RC");
368
+ strncpy (rcname+(q+1-pname), "TWEAK.RC", sizeof(rcname) - (2+q-pname));
369
if ( (tempfp = fopen(rcname, "r")) != NULL)
370
fclose (tempfp);
371
else
372
- strcpy (rcname, "C:\\TWEAK\\TWEAK.RC");
373
+ strncpy (rcname, "C:\\TWEAK\\TWEAK.RC", sizeof(rcname-1));
374
} else
375
- strcpy (rcname, "C:\\TWEAK\\TWEAK.RC");
376
+ strncpy (rcname, "C:\\TWEAK\\TWEAK.RC", sizeof(rcname-1));
377
}
378
#endif
379
380
@@ -197,7 +198,7 @@
381
} else {
382
if (!*p)
383
break;
384
- strcpy (rcbuffer, *p++);
385
+ strncpy (rcbuffer, *p++, sizeof(rcbuffer));
386
}
387
lineno++;
388
errors_here = FALSE;
389
diff -urNad tweak~/slang.c tweak/slang.c
390
--- tweak~/slang.c 2007-03-14 00:42:05.000000000 -0400
391
+++ tweak/slang.c 2008-03-16 20:06:29.796165664 -0400
392
@@ -125,7 +125,7 @@
393
bg = 0;
394
}
395
396
- sprintf(cname, "colour%d", colour);
397
+ snprintf(cname, sizeof(cname), "colour%d", colour);
398
399
SLtt_set_color(colour, cname, colours[fg], colours[bg]);
400
}
Loggerhead is a web-based interface for Breezy
Version: 2.0.1