This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "uClibc-ng - small C library for embedded systems".
The branch, 1.0 has been updated
via 0074f6d29b2794ec9dbcb4a5e3c6e4defac220c2 (commit)
from 312f482d395b591398296b5472a3884a12716cbd (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 0074f6d29b2794ec9dbcb4a5e3c6e4defac220c2
Author: Ben Boeckel <mathstuf(a)gmail.com>
Date: Sat Oct 17 11:58:44 2015 -0400
confdata: fix invalid write
stndup will copy *up to* the size parameter, not allocate a buffer of
that size, so the buffer is not necessarily large enough to fit the
".old" extension.
Caught with glibc's MALLOC_CHECK_=3.
Signed-off-by: Ben Boeckel <mathstuf(a)gmail.com>
-----------------------------------------------------------------------
Summary of changes:
extra/config/confdata.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/extra/config/confdata.c b/extra/config/confdata.c
index 61c91c2..94c63c0 100644
--- a/extra/config/confdata.c
+++ b/extra/config/confdata.c
@@ -814,7 +814,8 @@ next:
fclose(out);
if (*tmpname) {
- dirname = strndup(basename, strlen(basename) + 4);
+ dirname = malloc(strlen(basename) + 4 + 1);
+ strcpy(dirname, basename);
strcat(dirname, ".old");
rename(newname, dirname);
free(dirname);
hooks/post-receive
--
uClibc-ng - small C library for embedded systems
Show replies by date