+2011-10-17 [mones] 3.7.10cvs34
+
+ * src/addrbook.c
+ * src/exportldif.c
+ * src/jpilot.c
+ * src/mutt.c
+ * src/pine.c
+ * src/procmsg.c
+ * src/vcard.c
+ Fix potential out-of-buffer writes
+
2011-10-17 [mones] 3.7.10cvs33
* src/main.c
( cvs diff -u -r 1.12.2.69 -r 1.12.2.70 src/action.c; cvs diff -u -r 1.115.2.240 -r 1.115.2.241 src/main.c; cvs diff -u -r 1.5.2.98 -r 1.5.2.99 src/gtk/gtkutils.c; cvs diff -u -r 1.4.2.60 -r 1.4.2.61 src/gtk/gtkutils.h; ) > 3.7.10cvs31.patchset
( cvs diff -u -r 1.382.2.585 -r 1.382.2.586 src/compose.c; cvs diff -u -r 1.50.2.63 -r 1.50.2.64 src/compose.h; cvs diff -u -r 1.20.2.27 -r 1.20.2.28 src/gtk/Makefile.am; cvs diff -u -r 1.1.4.17 -r 1.1.4.18 src/gtk/gtkshruler.c; cvs diff -u -r 1.1.4.10 -r 1.1.4.11 src/gtk/gtkshruler.h; diff -u /dev/null src/gtk/gtkunit.c; diff -u /dev/null src/gtk/gtkunit.h; ) > 3.7.10cvs32.patchset
( cvs diff -u -r 1.115.2.241 -r 1.115.2.242 src/main.c; ) > 3.7.10cvs33.patchset
+( cvs diff -u -r 1.22.2.24 -r 1.22.2.25 src/addrbook.c; cvs diff -u -r 1.1.4.22 -r 1.1.4.23 src/exportldif.c; cvs diff -u -r 1.18.2.32 -r 1.18.2.33 src/jpilot.c; cvs diff -u -r 1.6.10.18 -r 1.6.10.19 src/mutt.c; cvs diff -u -r 1.6.2.17 -r 1.6.2.18 src/pine.c; cvs diff -u -r 1.150.2.117 -r 1.150.2.118 src/procmsg.c; cvs diff -u -r 1.14.2.20 -r 1.14.2.21 src/vcard.c; ) > 3.7.10cvs34.patchset
MICRO_VERSION=10
INTERFACE_AGE=0
BINARY_AGE=0
-EXTRA_VERSION=33
+EXTRA_VERSION=34
EXTRA_RELEASE=
EXTRA_GTK2_VERSION=
return NULL;
}
- strcpy(buf, book->path);
+ strncpy(buf, book->path, WORK_BUFLEN);
len = strlen(buf);
if (len > 0) {
if (buf[len-1] != G_DIR_SEPARATOR) {
}
adbookdir = g_strdup(buf);
- strcat(buf, ADDRBOOK_PREFIX);
+ strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN);
if( ( dir = g_dir_open( adbookdir, 0, NULL ) ) == NULL ) {
book->retVal = MGU_OPEN_DIRECTORY;
gint i;
gboolean flg;
- strcpy(buf, adbookdir);
- strcat( buf, dir_name );
+ strncpy(buf, adbookdir, WORK_BUFLEN);
+ strncat(buf, dir_name, WORK_BUFLEN);
g_stat(buf, &statbuf);
if (S_ISREG(statbuf.st_mode)) {
if (strncmp(
if( attr ) {
if( value ) {
if( strlen( value ) > 0 ) {
- strcat( buf, attr );
- strcat( buf, "=" );
+ strncat( buf, attr, FMT_BUFSIZE );
+ strncat( buf, "=", FMT_BUFSIZE );
if( dupval ) {
/* Format and free duplicated value */
- strcat( buf, dupval );
+ strncat( buf, dupval, FMT_BUFSIZE );
g_free( dupval );
}
else {
/* Use original value */
- strcat( buf, value );
+ strncat( buf, value, FMT_BUFSIZE );
}
/* Append suffix */
if( ctl->suffix ) {
if( strlen( ctl->suffix ) > 0 ) {
- strcat( buf, "," );
- strcat( buf, ctl->suffix );
+ strncat( buf, ",", FMT_BUFSIZE );
+ strncat( buf, ctl->suffix, FMT_BUFSIZE );
}
}
str[ ++len ] = '\0';
}
}
- strcat( str, JPILOT_DBHOME_DIR );
- strcat( str, G_DIR_SEPARATOR_S );
- strcat( str, JPILOT_DBHOME_FILE );
+ strncat( str, JPILOT_DBHOME_DIR, WORK_BUFLEN );
+ strncat( str, G_DIR_SEPARATOR_S, WORK_BUFLEN );
+ strncat( str, JPILOT_DBHOME_FILE, WORK_BUFLEN );
/* Attempt to open */
if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {
homedir = get_home_dir();
if( ! homedir ) return g_strdup( "" );
- strcpy( str, homedir );
+ strncpy( str, homedir, WORK_BUFLEN );
len = strlen( str );
if( len > 0 ) {
if( str[ len-1 ] != G_DIR_SEPARATOR ) {
str[ ++len ] = '\0';
}
}
- strcat( str, MUTT_HOME_FILE );
+ strncat( str, MUTT_HOME_FILE, WORK_BUFLEN );
/* Attempt to open */
if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {
homedir = get_home_dir();
if( ! homedir ) return g_strdup( "" );
- strcpy( str, homedir );
+ strncpy( str, homedir, WORK_BUFLEN );
len = strlen( str );
if( len > 0 ) {
if( str[ len-1 ] != G_DIR_SEPARATOR ) {
str[ ++len ] = '\0';
}
}
- strcat( str, PINE_HOME_FILE );
+ strncat( str, PINE_HOME_FILE, WORK_BUFLEN );
/* Attempt to open */
if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {
g_free(prtmp);
g_strchomp(buf);
- if (buf[strlen(buf) - 1] != '&') strcat(buf, "&");
+ if (buf[strlen(buf) - 1] != '&') strncat(buf, "&", sizeof(buf));
if (system(buf) == -1)
g_warning("system(%s) failed.", buf);
}
homedir = get_home_dir();
if( ! homedir ) return NULL;
- strcpy( str, homedir );
+ strncpy( str, homedir, WORK_BUFLEN );
len = strlen( str );
if( len > 0 ) {
if( str[ len-1 ] != G_DIR_SEPARATOR ) {
str[ ++len ] = '\0';
}
}
- strcat( str, GNOMECARD_DIR );
- strcat( str, G_DIR_SEPARATOR_S );
- strcat( str, GNOMECARD_FILE );
+ strncat( str, GNOMECARD_DIR, WORK_BUFLEN );
+ strncat( str, G_DIR_SEPARATOR_S, WORK_BUFLEN );
+ strncat( str, GNOMECARD_FILE, WORK_BUFLEN );
fileSpec = NULL;
if( ( fp = g_fopen( str, "rb" ) ) != NULL ) {