~ubuntu-branches/ubuntu/raring/nas/raring-updates

Viewing changes to server/os/access.c

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2013-09-03 12:36:35 UTC
  • Revision ID: package-import@ubuntu.com-20130903123635-jgisjrx3i0hhpl67
Tags: 1.9.3-5ubuntu0.13.04.1
* SECURITY UPDATE: denial and possible code execution via multiple buffer
  overflows
  - server/os/utils.c: properly validate listen port.
  - server/os/connection.c, server/os/access.c, server/os/osinit.c,
    server/os/aulog.c, server/os/iopreader.c: use snprintf, strncpy, and
    strncat.
  - CVE-2013-4256
  - CVE-2013-4257

478
478
        validhosts = host->next;
479
479
        FreeHost(host);
480
480
    }
481
 
    strcpy(fname, "/etc/X");
482
 
    strcat(fname, display);
483
 
    strcat(fname, ".hosts");
 
481
    strncpy(fname, "/etc/X", sizeof fname); fname[sizeof fname - 1] = '\0';
 
482
    strncat(fname, display, sizeof fname - strlen(fname) - 1);
 
483
    strncat(fname, ".hosts", sizeof fname - strlen(fname) - 1);
484
484
    if (fd = fopen(fname, "r")) {
485
485
        while (fgets(hostname, sizeof(hostname), fd)) {
486
486
            if (ptr = index(hostname, '\n'))
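Review bot: the three strncpy/strncat replacement lines bound the copies to the buffer but never detect truncation, so an over-long `display` produces a silently shortened `/etc/X...hosts` path that the following `fopen` then opens instead of failing; a single `snprintf(fname, sizeof fname, "/etc/X%s.hosts", display)` whose return value is checked against `sizeof fname` (bail out when it is not smaller) would make the failure explicit and replace three calls with one. It is also worth confirming that `fname` is declared as a `char` array in this function, since `sizeof fname` would evaluate to the pointer size if it were a `char *`.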