~ubuntu-branches/ubuntu/dapper/bsdgames/dapper

Committer: Bazaar Package Importer
Author(s): Joey Hess
Date: 2006-04-06 19:59:35 UTC
Revision ID: james.westby@ubuntu.com-20060406195935-6bh0a4k9ams99iaq

Tags: 2.17-7

http://bugs.debian.org/360989

* sail: Fix a scanf buffer overrun in initial broadside prompt code,
possibly exploitable. Closes: #360989
* dm: Fix some other, non exploitable scanf buffer overruns.

files removed:
debian/patches

debian/patches/00list

debian/patches/01_ubuntu_acronyms_wtf.dpatch

files modified:
debian/changelog

debian/control

debian/rules

dm/dm.c

sail/pl_main.c

tetris/scores.c

Show diffs side-by-side

added added

removed removed

tetris/scores.c

335

continue;

336

}

337

}

338

levelfound[sp->hs_level] = 1;

338

if (sp->hs_level < NLEVELS && sp->hs_level >= 0)

339

levelfound[sp->hs_level] = 1;

339

340

i++, sp++;

340

341

}

341

342

return (num > MAXHISCORES ? MAXHISCORES : num);

374

375

for (i = MINLEVEL; i < NLEVELS; i++)

375

376

levelfound[i] = 0;

376

377

for (i = 0, sp = scores; i < nscores; i++, sp++) {

377

if (levelfound[sp->hs_level])

378

sp->hs_time = 0;

379

else {

380

sp->hs_time = 1;

381

levelfound[sp->hs_level] = 1;

382

}

378

if (sp->hs_level < NLEVELS && sp->hs_level >= 0) {

379

if (levelfound[sp->hs_level])

380

sp->hs_time = 0;

381

else {

382

sp->hs_time = 1;

383

levelfound[sp->hs_level] = 1;

384

}

385

}

383

386

}

384

387

385

388

433

436

continue;

434

437

}

435

438

sp = &hs[item];

436

(void)sprintf(buf,

439

(void)snprintf(buf, sizeof(buf),

437

440

"%3d%c %6d %-11s (%6d on %d)",

438

441

item + offset, sp->hs_time ? '*' : ' ',

439

442

sp->hs_score * sp->hs_level,

Older »