← Back to branch summary

~ubuntu-branches/ubuntu/jaunty/lpr/jaunty

« back to all changes in this revision

Viewing changes to lpd/recvjob.c

  • Committer: Bazaar Package Importer
  • Author(s): Martin Schulze
  • Date: 2003-03-15 14:54:38 UTC
  • Revision ID: james.westby@ubuntu.com-20030315145438-wvhdf01k99wvq846
Tags: 1:2000.05.07-4.3
* Non-maintainer upload by the Security Team
* Applied patch from SuSE to fix buffer overvlow and arbitrary file access

Show diffs side-by-side

added added

removed removed

Lines of Context:
lpd/recvjob.c
55
55
#include <sys/param.h>
56
56
#include <sys/mount.h>
57
57
#include <sys/stat.h>
 
58
#include <sys/vfs.h>
58
59
 
59
60
#include <unistd.h>
60
61
#include <signal.h>
180
181
                         */
181
182
                        strncpy(cp + 6, from, sizeof(line) + line - cp - 7);
182
183
                        line[sizeof(line) -1 ] = '\0';
 
184
                        if (strchr(cp, '/'))
 
185
                                frecverr("readjob: %s: illegal path name", cp);
183
186
                        strncpy(tfname, cp, sizeof tfname-1);
184
187
                        tfname[sizeof tfname-1] = '\0';
185
188
                        tfname[0] = 't';
186
 
                        if (strchr(tfname, '/'))
187
 
                                frecverr("readjob: %s: illegal path name",
188
 
                                    tfname);
189
189
                        if (!chksize(size)) {
190
190
                                (void) write(1, "\2", 1);
191
191
                                continue;