This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "uClibc-ng - small C library for embedded systems".

The branch, master has been updated via 34983ba9755185046484acafeedb8aae93de9951 (commit) from 1a3b9cf039abc53825b3f65992cc22c36692dc02 (commit)

Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.

- Log ----------------------------------------------------------------- commit 34983ba9755185046484acafeedb8aae93de9951 Author: Ben Boeckel mathstuf@gmail.com Date: Sat Oct 17 11:58:44 2015 -0400

confdata: fix invalid write

stndup will copy *up to* the size parameter, not allocate a buffer of that size, so the buffer is not necessarily large enough to fit the ".old" extension.

Caught with glibc's MALLOC_CHECK_=3.

Signed-off-by: Ben Boeckel mathstuf@gmail.com

-----------------------------------------------------------------------

Summary of changes: extra/config/confdata.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/extra/config/confdata.c b/extra/config/confdata.c index 61c91c2..94c63c0 100644 --- a/extra/config/confdata.c +++ b/extra/config/confdata.c @@ -814,7 +814,8 @@ next: fclose(out);

if (*tmpname) { - dirname = strndup(basename, strlen(basename) + 4); + dirname = malloc(strlen(basename) + 4 + 1); + strcpy(dirname, basename); strcat(dirname, ".old"); rename(newname, dirname); free(dirname);

hooks/post-receive