aboutsummaryrefslogtreecommitdiffstats
path: root/korean/helvis
diff options
context:
space:
mode:
authorjedgar <jedgar@FreeBSD.org>2001-01-29 10:47:44 +0800
committerjedgar <jedgar@FreeBSD.org>2001-01-29 10:47:44 +0800
commitf4c434a6e5d3f15556ac5e01061d4153320c9ac8 (patch)
tree84bda9544e6aecaa662f4299648c9cecfe6a472e /korean/helvis
parente3f961fa206a68685e8e49c7befb295f5927ab12 (diff)
downloadfreebsd-ports-gnome-f4c434a6e5d3f15556ac5e01061d4153320c9ac8.tar.gz
freebsd-ports-gnome-f4c434a6e5d3f15556ac5e01061d4153320c9ac8.tar.zst
freebsd-ports-gnome-f4c434a6e5d3f15556ac5e01061d4153320c9ac8.zip
Fix exploitable buffer overflow in elvrec
Diffstat (limited to 'korean/helvis')
-rw-r--r--korean/helvis/files/patch-elvrec.c55
1 files changed, 55 insertions, 0 deletions
diff --git a/korean/helvis/files/patch-elvrec.c b/korean/helvis/files/patch-elvrec.c
new file mode 100644
index 000000000000..0fc758617127
--- /dev/null
+++ b/korean/helvis/files/patch-elvrec.c
@@ -0,0 +1,55 @@
+--- elvrec.c.orig Mon Mar 21 14:27:37 1994
++++ elvrec.c Sun Jan 28 20:52:16 2001
+@@ -10,6 +10,7 @@
+ */
+
+
++#include <sys/param.h>
+ #include <stdio.h>
+ #include "config.h"
+ #include "vi.h"
+@@ -22,8 +23,8 @@
+ char *basename; /* the name of the file to recover */
+ char *outname; /* the name of the file to write to */
+ {
+- char pathname[500]; /* full pathname of the file to recover */
+- char line[600]; /* a line from the /usr/preserve/Index file */
++ char pathname[MAXPATHLEN]; /* full pathname of the file to recover */
++ char line[MAXPATHLEN]; /* a line from the /usr/preserve/Index file */
+ int ch; /* a character from the text being recovered */
+ FILE *from; /* the /usr/preserve file, or /usr/preserve/Index */
+ FILE *to; /* the user's text file */
+@@ -42,19 +43,15 @@
+ if (basename[0] != SLASH)
+ # endif
+ {
+- ptr = getcwd(pathname, sizeof pathname);
+- if (ptr != pathname)
+- {
+- strcpy(pathname, ptr);
+- }
+- ptr = pathname + strlen(pathname);
+- *ptr++ = SLASH;
+- strcpy(ptr, basename);
++ if ((ptr = getcwd(pathname, sizeof pathname)) == NULL)
++ err(1, "getcwd() failed");
++ snprintf(pathname, sizeof(pathname), "%s/%s", ptr,
++ basename);
+ }
+ else
+ #endif
+ {
+- strcpy(pathname, basename);
++ strlcpy(pathname, basename, sizeof(pathname));
+ }
+ }
+
+@@ -67,6 +64,8 @@
+ * version of this file.
+ */
+ from = fopen(PRSVINDEX, "r");
++ if (!from)
++ err(1, "fopen() %s failed", PRSVINDEX);
+ while (from && fgets(line, sizeof line, from))
+ {
+ /* strip off the newline from the end of the string */