From owner-freebsd-gnome@FreeBSD.ORG Thu Jun 26 21:22:26 2003 Return-Path: Delivered-To: freebsd-gnome@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6C17037B401 for ; Thu, 26 Jun 2003 21:22:26 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-104-32.dsl.lsan03.pacbell.net [64.169.104.32]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6FEFD43FE9 for ; Thu, 26 Jun 2003 21:22:25 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 90B6866BE5 for ; Thu, 26 Jun 2003 21:22:24 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 5D320B88; Thu, 26 Jun 2003 21:22:24 -0700 (PDT) Date: Thu, 26 Jun 2003 21:22:24 -0700 From: Kris Kennaway To: gnome@FreeBSD.org Message-ID: <20030627042224.GA77418@rot13.obsecurity.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="uZ3hkaAS1mZxFaxD" Content-Disposition: inline User-Agent: Mutt/1.4.1i Subject: Buffer handling bugs in glimmer X-BeenThere: freebsd-gnome@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: GNOME for FreeBSD -- porting and maintaining List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jun 2003 04:22:26 -0000 --uZ3hkaAS1mZxFaxD Content-Type: multipart/mixed; boundary="45Z9DzgjV8m4Oswq" Content-Disposition: inline --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable The patches are attached. Can someone please test this? Kris ----- Forwarded message from Anil Madhavapeddy ----- X-Original-To: kkenn@localhost Delivered-To: kkenn@localhost.obsecurity.org X-Originating-IP: [128.125.38.123] Delivered-To: kris@freebsd.org Date: Tue, 17 Jun 2003 08:06:42 -0600 (MDT) From: Anil Madhavapeddy To: ports-changes@cvs.openbsd.org Subject: CVS: cvs.openbsd.org: ports X-Spam-Level:=20 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) X-Loop: ports-changes@openbsd.org Precedence: list Reply-To: Anil Madhavapeddy X-Bogosity: No, tests=3Dbogofilter, spamicity=3D0.000000, version=3D0.13.6 CVSROOT: /cvs Module name: ports Changes by: avsm@cvs.openbsd.org 2003/06/17 08:06:42 Modified files: editors/glimmer: Makefile=20 Added files: editors/glimmer/patches: patch-src_file-io_c patch-src_main_c=20 Log message: patch a couple of too-small buffers that could lead to path truncation maintainer ok, submitted upstream ----- End forwarded message ----- --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=patch-src_file-io_c Content-Transfer-Encoding: quoted-printable $OpenBSD: patch-src_file-io_c,v 1.1 2003/06/17 14:06:42 avsm Exp $ --- src/file-io.c.orig Tue Jun 17 01:52:36 2003 +++ src/file-io.c Tue Jun 17 01:53:49 2003 @@ -102,10 +102,10 @@ void new_file_real (char *filename) { GnomeVFSURI *uri; - gchar cwd[256]; + gchar cwd[MAXPATHLEN]; gchar *full; =20 - getcwd (cwd, 256); + getcwd (cwd, sizeof(cwd)); full =3D g_strconcat (cwd, "/", filename, NULL); uri =3D gnome_vfs_uri_new (full); g_free (full); --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename=patch-src_main_c Content-Transfer-Encoding: quoted-printable $OpenBSD: patch-src_main_c,v 1.1 2003/06/17 14:06:42 avsm Exp $ --- src/main.c.orig Tue Jun 17 01:53:17 2003 +++ src/main.c Tue Jun 17 01:54:18 2003 @@ -342,7 +342,7 @@ main_finish (void *closure, int argc, ch gchar *path; gchar *file; gchar *full; - gchar cwd[256]; + gchar cwd[MAXPATHLEN]; =20 args =3D (gchar **) poptGetArgs (pctx); =20 @@ -381,7 +381,7 @@ main_finish (void *closure, int argc, ch } } if (input_file) { - gchar *path, *file, *full, cwd[256]; + gchar *path, *file, *full, cwd[MAXPATHLEN]; =20 getcwd (cwd, sizeof (cwd)); path =3D get_path_from_filename (input_file); --45Z9DzgjV8m4Oswq-- --uZ3hkaAS1mZxFaxD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE++8aAWry0BWjoQKURAuJ0AJ9+OMHN+hpWkXtC5J2lcvwoeyKMowCg7de8 InEerTqBZmB2zM6SRaWVEBI= =cZxy -----END PGP SIGNATURE----- --uZ3hkaAS1mZxFaxD--