Fix for possible crashes in src/utilunix.c



Hi, Pavel!

This patch fixes 2 possible buffer overflows in the mc.
Test case:
1. Be sure there is no %d file in the current directory.
2. Type M-!
3. Type "gzip %d" and press Enter.

'%s' can crash your mc.

P.S. Please commit this patch, I do not have access to CVS now.

src/ChangeLog:

* utilunix.c (close_error_pipe): Use "%s" in message () to prevent
possible crash.
(check_error_pipe): Likewise.

--- src/utilunix.c	Tue Mar 19 17:36:45 2002
+++ src/utilunix.c	Mon Jul  1 16:37:53 2002
@@ -401,7 +401,7 @@ close_error_pipe (int error, char *text)
 	if (len == 0) return 0;	/* Nothing to show */
 
 	/* Show message from pipe */
-	message (error, title, msg);
+	message (error, title, "%s", msg);
     } else {
 	/* Show given text and possible message from pipe */
 	message (error, title, " %s \n %s ", text, msg);
@@ -435,9 +435,9 @@ void check_error_pipe (void)
 	close (error_pipe[0]);
     }
     if (len > 0)
-        message (0, _(" Warning "), error);
+        message (0, _(" Warning "), "%s", error);
 }
-#endif
+#endif /* !VFS_STANDALONE */
 
 static struct sigaction ignore, save_intr, save_quit, save_stop;
 
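Review bot: The "#endif /* !VFS_STANDALONE */" change at the end of check_error_pipe() is unrelated to the format-string fix and is not listed in the ChangeLog entry; either mention it there or send it separately. The matching #if is outside this hunk, so please double-check that the negated condition in the comment matches it. For the message (0, _(" Warning "), "%s", error) call, the hunk only shows the len > 0 test, so confirm that error is NUL-terminated at len before it is printed with "%s".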


