| 1 |
jlec 13/03/02 13:09:15 |
| 2 |
|
| 3 |
Added: ncbi-tools-2.2.26-bfr-overflow.patch |
| 4 |
Log: |
| 5 |
sci-biology/ncbi-tools: Fix typo in sed construct, #459920; add patch to fix buffer overflows |
| 6 |
|
| 7 |
(Portage version: 2.2.0_alpha164/cvs/Linux x86_64, signed Manifest commit with key 8009D6F070EB7916) |
| 8 |
|
| 9 |
Revision Changes Path |
| 10 |
1.1 sci-biology/ncbi-tools/files/ncbi-tools-2.2.26-bfr-overflow.patch |
| 11 |
|
| 12 |
file : http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sci-biology/ncbi-tools/files/ncbi-tools-2.2.26-bfr-overflow.patch?rev=1.1&view=markup |
| 13 |
plain: http://sources.gentoo.org/viewvc.cgi/gentoo-x86/sci-biology/ncbi-tools/files/ncbi-tools-2.2.26-bfr-overflow.patch?rev=1.1&content-type=text/plain |
| 14 |
|
| 15 |
Index: ncbi-tools-2.2.26-bfr-overflow.patch |
| 16 |
=================================================================== |
| 17 |
cdromlib/cdnewlib.c | 6 +++--- |
| 18 |
corelib/ncbierr.c | 2 +- |
| 19 |
corelib/ncbisgml.c | 8 ++++---- |
| 20 |
demo/errhdr.c | 2 +- |
| 21 |
4 files changed, 9 insertions(+), 9 deletions(-) |
| 22 |
|
| 23 |
diff --git a/cdromlib/cdnewlib.c b/cdromlib/cdnewlib.c |
| 24 |
index 461292c..be4a2d6 100644 |
| 25 |
--- a/cdromlib/cdnewlib.c |
| 26 |
+++ b/cdromlib/cdnewlib.c |
| 27 |
@@ -2676,7 +2676,7 @@ static int CdDevice_FileBuildPath (CdDevice *cddev, char *fpath, const char *fdi |
| 28 |
char volname[16]; |
| 29 |
volname[0] = '\0'; |
| 30 |
if (cddev->volume != NULL) |
| 31 |
- strncat(volname,cddev->volume->volume_name,sizeof volname); |
| 32 |
+ strncat(volname,cddev->volume->volume_name,sizeof volname - 1); |
| 33 |
else |
| 34 |
sprintf(volname,"entrez%d",cddev->hint); |
| 35 |
if (!FileBuildPath(fpath,volname,NULL)) |
| 36 |
@@ -2748,7 +2748,7 @@ static int CdDevice_Init (CdDevice *cddev) |
| 37 |
memset((void*)&info,0,sizeof info); |
| 38 |
fpath[0] = '\0'; |
| 39 |
if (cddev->inf.root !=NULL) |
| 40 |
- strncat(fpath,cddev->inf.root,sizeof fpath); |
| 41 |
+ strncat(fpath,cddev->inf.root,sizeof fpath - 1); |
| 42 |
|
| 43 |
if (cddev->ins_volname) |
| 44 |
{ |
| 45 |
@@ -2766,7 +2766,7 @@ static int CdDevice_Init (CdDevice *cddev) |
| 46 |
{ |
| 47 |
fpath[0] = '\0'; |
| 48 |
if (cddev->inf.root !=NULL) |
| 49 |
- strncat(fpath,cddev->inf.root,sizeof fpath); |
| 50 |
+ strncat(fpath,cddev->inf.root,sizeof fpath - 1); |
| 51 |
sprintf(volname,"entrez%d",j+1); |
| 52 |
FileBuildPath(fpath,volname,NULL); |
| 53 |
if (CdTestPath(fpath,&info)) |
| 54 |
diff --git a/corelib/ncbierr.c b/corelib/ncbierr.c |
| 55 |
index 0429d86..7b96a2e 100644 |
| 56 |
--- a/corelib/ncbierr.c |
| 57 |
+++ b/corelib/ncbierr.c |
| 58 |
@@ -952,7 +952,7 @@ static FILE * ErrMsgRoot_fopen (ErrMsgRoot *ctx) |
| 59 |
if (FileLength(file)==0 || (fd = FileOpen(file,s_msg_mode)) == NULL) |
| 60 |
{ |
| 61 |
strcpy(path,info->msgpath); |
| 62 |
- strncat(path,file,sizeof(path)); |
| 63 |
+ strncat(path,file,sizeof(path) - 1); |
| 64 |
fd = FileOpen(path,s_msg_mode); |
| 65 |
} |
| 66 |
|
| 67 |
diff --git a/corelib/ncbisgml.c b/corelib/ncbisgml.c |
| 68 |
index 99412be..a653aef 100644 |
| 69 |
--- a/corelib/ncbisgml.c |
| 70 |
+++ b/corelib/ncbisgml.c |
| 71 |
@@ -260,7 +260,7 @@ NLM_EXTERN char * LIBCALL Nlm_Sgml2Ascii (const char *sgml, char *ascii, size_t |
| 72 |
} |
| 73 |
if (i >= num_sgml_entity) |
| 74 |
{ |
| 75 |
- char bad[SGML_ERROR_MSG_LIM]; |
| 76 |
+ char bad[SGML_ERROR_MSG_LIM + 2]; |
| 77 |
bad[0] = '\0'; |
| 78 |
strncat(bad,sgml,SGML_ERROR_MSG_LIM); |
| 79 |
ErrPostEx(SEV_ERROR,E_SGML,3,"Unrecognized SGML entity &%s in [%s]",tbuf,bad); |
| 80 |
@@ -279,7 +279,7 @@ NLM_EXTERN char * LIBCALL Nlm_Sgml2Ascii (const char *sgml, char *ascii, size_t |
| 81 |
from++; |
| 82 |
if (*from == '\0') |
| 83 |
{ |
| 84 |
- char bad[SGML_ERROR_MSG_LIM]; |
| 85 |
+ char bad[SGML_ERROR_MSG_LIM + 2]; |
| 86 |
bad[0] = '\0'; |
| 87 |
strncat(bad,sgml,SGML_ERROR_MSG_LIM); |
| 88 |
ErrPostEx(SEV_ERROR,E_SGML,2, "Unbalanced <> in SGML [%s]",bad); |
| 89 |
@@ -335,7 +335,7 @@ NLM_EXTERN size_t LIBCALL Nlm_Sgml2AsciiLen (const char *sgml) |
| 90 |
} |
| 91 |
if (i >= num_sgml_entity) |
| 92 |
{ |
| 93 |
- char bad[SGML_ERROR_MSG_LIM]; |
| 94 |
+ char bad[SGML_ERROR_MSG_LIM + 2]; |
| 95 |
bad[0] = '\0'; |
| 96 |
strncat(bad,sgml,SGML_ERROR_MSG_LIM); |
| 97 |
ErrPostEx(SEV_ERROR,E_SGML,3,"Unrecognized SGML entity &%s in [%s]",tbuf,bad); |
| 98 |
@@ -349,7 +349,7 @@ NLM_EXTERN size_t LIBCALL Nlm_Sgml2AsciiLen (const char *sgml) |
| 99 |
from++; |
| 100 |
if (*from == '\0') |
| 101 |
{ |
| 102 |
- char bad[SGML_ERROR_MSG_LIM]; |
| 103 |
+ char bad[SGML_ERROR_MSG_LIM + 2]; |
| 104 |
bad[0] = '\0'; |
| 105 |
strncat(bad,sgml,SGML_ERROR_MSG_LIM); |
| 106 |
ErrPostEx(SEV_ERROR,E_SGML,2,"Unbalanced <> in SGML [%s]",bad); |
| 107 |
diff --git a/demo/errhdr.c b/demo/errhdr.c |
| 108 |
index 01cd955..5081489 100644 |
| 109 |
--- a/demo/errhdr.c |
| 110 |
+++ b/demo/errhdr.c |
| 111 |
@@ -41,7 +41,7 @@ int main (int argc, char **argv) |
| 112 |
else if (mod[0] == '\0') |
| 113 |
{ |
| 114 |
char *p; |
| 115 |
- strncat(mod,argv[i],sizeof mod); |
| 116 |
+ strncat(mod,argv[i],sizeof mod - 1); |
| 117 |
if ((p = strstr(argv[i],".msg")) != NULL) |
| 118 |
*p = '\0'; |
| 119 |
} |
Archives