Date: Mon, 18 Aug 2003 14:56:11 +0200 (CEST) From: Alex Dupre <sysadmin@alexdupre.com> To: FreeBSD-gnats-submit@FreeBSD.org Cc: roam@FreeBSD.org Subject: ports/55700: [Fix] Port: mail/autoresponder (strncpy bug) Message-ID: <200308181256.h7ICuBTd001557@vaio.alexdupre.com> Resent-Message-ID: <200308181610.h7IGANnl053239@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 55700 >Category: ports >Synopsis: [Fix] Port: mail/autoresponder (strncpy bug) >Confidential: no >Severity: critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Aug 18 09:10:23 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Alex Dupre >Release: FreeBSD 4.8-ALEXDUPRE i386 >Organization: >Environment: System: FreeBSD 4.8-ALEXDUPRE i386 >Description: strncpy() doesn't append a null character at the end of the string, so the next strncat() call crashes (core dump). Noted only with -current and gcc3, but it's a sw bug anyway. >How-To-Repeat: >Fix: --- autorespond.diff begins here --- diff -ruN autorespond.orig/Makefile autorespond/Makefile --- autorespond.orig/Makefile Mon Aug 18 14:47:28 2003 +++ autorespond/Makefile Mon Aug 18 14:47:56 2003 @@ -7,6 +7,7 @@ PORTNAME= autorespond PORTVERSION= 2.0.3 +PORTREVISION= 1 CATEGORIES= mail MASTER_SITES= http://www.inter7.com/devel/ @@ -14,7 +15,7 @@ PATCHFILES= ${DISTNAME}-conf-strcasestr.patch MAINTAINER= roam@FreeBSD.org -COMMENT= "Simple autoresponder for qmail" +COMMENT= Simple autoresponder for qmail post-patch: ${ECHO_CMD} "${CC} ${CFLAGS}" > ${WRKSRC}/conf-cc diff -ruN autorespond.orig/files/patch-autorespond.c autorespond/files/patch-autorespond.c --- autorespond.orig/files/patch-autorespond.c Thu Jan 1 01:00:00 1970 +++ autorespond/files/patch-autorespond.c Mon Aug 18 14:47:36 2003 @@ -0,0 +1,11 @@ +--- autorespond.c.orig Mon Aug 18 14:41:33 2003 ++++ autorespond.c Mon Aug 18 14:42:14 2003 +@@ -572,7 +572,7 @@ + if ( *rpath == '$' ) + { + rpath = safe_malloc( strlen(TheUser) + strlen(TheDomain) + 2); +- strncpy( rpath, TheUser, strlen(TheUser) ); ++ strncpy( rpath, TheUser, strlen(TheUser) + 1 ); + strncat( rpath, "@", 1 ); + strncat( rpath, TheDomain, strlen(TheDomain) ); + } --- autorespond.diff ends here --- >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308181256.h7ICuBTd001557>