ports/125787: print/nenscript prevent buffer overflow
Pedro F. Giffuni
pfgshield-freebsd at yahoo.com
Sat Jul 19 23:00:07 UTC 2008
>Number: 125787
>Category: ports
>Synopsis: print/nenscript prevent buffer overflow
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sat Jul 19 23:00:06 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Pedro F. Giffuni
>Release: 6.3-Release
>Organization:
>Environment:
FreeBSD kakumen.cable.net.co 6.3-RELEASE FreeBSD 6.3-RELEASE #10: Sat Jan 19 01:
13:55 COT 2008 root at kakumen.cable.net.co:/usr/src/sys/amd64/compile/SMP amd
64
>Description:
Minimal patch to prevent a buffer overflow. Really minimal, it's not exploitable.
>How-To-Repeat:
Found casually running security/flawfinder
>Fix:
diff -ruN nenscript.orig/files/patch-main.c nenscript/files/patch-main.c
--- nenscript.orig/files/patch-main.c 1969-12-31 19:00:00.000000000 -0500
+++ nenscript/files/patch-main.c 2008-07-19 14:34:43.000000000 -0500
@@ -0,0 +1,11 @@
+--- main.c.orig 2008-07-19 14:32:26.000000000 -0500
++++ main.c 2008-07-19 14:34:12.000000000 -0500
+@@ -601,7 +601,7 @@
+ exit (1);
+ }
+ #else
+- sprintf (cmd, "%s %s", LPR, printername);
++ snprintf (cmd, sizeof(cmd), "%s %s", LPR, printername);
+ if ((outputstream = popen (cmd, "w")) == NULL) {
+ perror (LPR);
+ exit (1);
>Release-Note:
>Audit-Trail:
>Unformatted: