#! /bin/sh /usr/share/dpatch/dpatch-run
## 09_fix_-icshost_buffer_overflow.dpatch by Florian Ernst <florian@debian.org>
##
## All lines beginning with `## DP:' are a description of the patch.
## DP: Of minor importance, though, as there is probably no attack vector
## DP: See bug#343560

@DPATCH@
diff -urNad xboard-4.2.7~/backend.c xboard-4.2.7/backend.c
--- xboard-4.2.7~/backend.c	2003-11-28 10:37:36.000000000 +0100
+++ xboard-4.2.7/backend.c	2005-12-16 22:19:16.000000000 +0100
@@ -692,7 +692,7 @@
 		sprintf(buf, "Could not open comm port %s",  
 			appData.icsCommPort);
 	    } else {
-		sprintf(buf, "Could not connect to host %s, port %s",  
+		snprintf(buf, sizeof(buf), "Could not connect to host %s, port %s",  
 			appData.icsHost, appData.icsPort);
 	    }
 	    DisplayFatalError(buf, err, 1);
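Review bot: The sibling branch two lines above the changed call still formats `appData.icsCommPort` into the same `buf` with an unbounded `sprintf`, so the error path remains overflowable through a different option. It should get the same treatment: `snprintf(buf, sizeof(buf), "Could not open comm port %s", appData.icsCommPort);`. The xboard.c hunk at -6734 has the same gap, where `strcpy(icon, text)` and `strcpy(title, text)` sit directly above the converted calls and stay unbounded. The enclosing function starts and ends outside this hunk, so how long `icsCommPort` can be cannot be confirmed from here.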
@@ -869,18 +869,18 @@
     } else if (*appData.gateway != NULLCHAR) {
 	if (*appData.remoteShell == NULLCHAR) {
 	    /* Use the rcmd protocol to run telnet program on a gateway host */
-	    sprintf(buf, "%s %s %s",
+	    snprintf(buf, sizeof(buf), "%s %s %s",
 		    appData.telnetProgram, appData.icsHost, appData.icsPort);
 	    return OpenRcmd(appData.gateway, appData.remoteUser, buf, &icsPR);
 
 	} else {
 	    /* Use the rsh program to run telnet program on a gateway host */
 	    if (*appData.remoteUser == NULLCHAR) {
-		sprintf(buf, "%s %s %s %s %s", appData.remoteShell,
+		snprintf(buf, sizeof(buf), "%s %s %s %s %s", appData.remoteShell,
 			appData.gateway, appData.telnetProgram,
 			appData.icsHost, appData.icsPort);
 	    } else {
-		sprintf(buf, "%s %s -l %s %s %s %s",
+		snprintf(buf, sizeof(buf), "%s %s -l %s %s %s %s",
 			appData.remoteShell, appData.gateway, 
 			appData.remoteUser, appData.telnetProgram,
 			appData.icsHost, appData.icsPort);
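Review bot: The three `snprintf` calls here discard the return value, so an over-long host, gateway or program name now yields a silently truncated command string that is still handed to `OpenRcmd` or the rsh launcher. A truncated command is a different command, so I would treat truncation as an error: capture `n = snprintf(buf, sizeof(buf), ...)` and fail when `n < 0 || (size_t)n >= sizeof(buf)` rather than continuing. The same applies to the backend.c hunk at -4882, where truncation drops the trailing `\n` of the `ics` line sent via `SendToProgram`, and to the xboard.c hunk at -7488, where `cmdLine` goes to `StartChildProcess`. The function continues past the end of this hunk, so the appropriate error return has to be chosen from the surrounding code.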
@@ -1684,7 +1684,7 @@
 
 	    if (loggedOn && !have_set_title && ics_handle[0] != NULLCHAR) {
 	      char buf[MSG_SIZ];
-	      sprintf(buf, "%s@%s", ics_handle, appData.icsHost);
+	      snprintf(buf, sizeof(buf), "%s@%s", ics_handle, appData.icsHost);
 	      DisplayIcsInteractionTitle(buf);
 	      have_set_title = TRUE;
 	    }
@@ -4882,7 +4882,7 @@
       SendToProgram(buf, cps);
     }
     if (cps->sendICS) {
-      sprintf(buf, "ics %s\n", appData.icsActive ? appData.icsHost : "-");
+      snprintf(buf, sizeof(buf), "ics %s\n", appData.icsActive ? appData.icsHost : "-");
       SendToProgram(buf, cps);
     }
     cps->maybeThinking = FALSE;
diff -urNad xboard-4.2.7~/xboard.c xboard-4.2.7/xboard.c
--- xboard-4.2.7~/xboard.c	2003-11-19 09:42:18.000000000 +0100
+++ xboard-4.2.7/xboard.c	2005-12-16 22:19:16.000000000 +0100
@@ -6734,8 +6734,8 @@
 	strcpy(icon, text);
 	strcpy(title, text);
     } else if (appData.icsActive) {
-	sprintf(icon, "%s", appData.icsHost);
-	sprintf(title, "%s: %s", programName, appData.icsHost);
+	snprintf(icon, sizeof(icon), "%s", appData.icsHost);
+	snprintf(title, sizeof(title), "%s: %s", programName, appData.icsHost);
     } else if (appData.cmailGameName[0] != NULLCHAR) {
 	sprintf(icon, "%s", "CMail");
 	sprintf(title, "%s: %s", programName, "CMail");
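Review bot: `sizeof(icon)` and `sizeof(title)` bound the write only if both names are arrays declared in this function, and their declarations are outside the hunk. If either is a pointer or a parameter, `sizeof` yields the pointer size and the output is cut to a few bytes. The same check is needed for `buf` in the backend.c hunks at -692, -869 and -4882 and the xboard.c hunk at -6804; only the hunks at -1684 and -7488 show an array declaration (`char buf[MSG_SIZ]`, `char cmdLine[MSG_SIZ]`). Where the array form is confirmed, a short comment such as `/* buf is char[MSG_SIZ]; sizeof gives the full capacity */` would keep a later refactor from breaking the bound.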
@@ -6804,7 +6804,7 @@
     } else {
 	fprintf(stderr, "%s: %s: %s\n",
 		programName, message, strerror(error));
-	sprintf(buf, "%s: %s", message, strerror(error));
+	snprintf(buf, sizeof(buf), "%s: %s", message, strerror(error));
 	message = buf;
     }
     if (appData.popupExitMessage && boardWidget && XtIsRealized(boardWidget)) {
@@ -7488,9 +7488,9 @@
     char cmdLine[MSG_SIZ];
 
     if (port[0] == NULLCHAR) {
-	sprintf(cmdLine, "%s %s", appData.telnetProgram, host);
+	snprintf(cmdLine, sizeof(cmdLine), "%s %s", appData.telnetProgram, host);
     } else {
-	sprintf(cmdLine, "%s %s %s", appData.telnetProgram, host, port);
+	snprintf(cmdLine, sizeof(cmdLine), "%s %s %s", appData.telnetProgram, host, port);
     }
     return StartChildProcess(cmdLine, "", pr);
 }