2012-01-20 [pawel] 3.8.0cvs16
authorPaweł Pękala <c0rn@gazeta.pl>
Fri, 20 Jan 2012 22:56:54 +0000 (22:56 +0000)
committerPaweł Pękala <c0rn@gazeta.pl>
Fri, 20 Jan 2012 22:56:54 +0000 (22:56 +0000)
* src/addrbook.c
* src/exportldif.c
Fix bug #2574 'Statement might be overflowing a
buffer in strncat'

ChangeLog
PATCHSETS
configure.ac
src/addrbook.c
src/exportldif.c

index 0abe83a..7119c7a 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,10 @@
+2012-01-20 [pawel]     3.8.0cvs16
+
+       * src/addrbook.c
+       * src/exportldif.c
+               Fix bug #2574 'Statement might be overflowing a
+               buffer in strncat'
+
 2012-01-20 [pawel]     3.8.0cvs15
 
        * src/mimeview.c
index 1beed1e..1e9a875 100644 (file)
--- a/PATCHSETS
+++ b/PATCHSETS
 ( cvs diff -u -r 1.274.2.340 -r 1.274.2.341 src/mainwindow.c;  cvs diff -u -r 1.39.2.62 -r 1.39.2.63 src/mainwindow.h;  cvs diff -u -r 1.43.2.124 -r 1.43.2.125 src/toolbar.c;  ) > 3.8.0cvs13.patchset
 ( cvs diff -u -r 1.1.2.39 -r 1.1.2.40 commitHelper;  ) > 3.8.0cvs14.patchset
 ( cvs diff -u -r 1.83.2.187 -r 1.83.2.188 src/mimeview.c;  ) > 3.8.0cvs15.patchset
+( cvs diff -u -r 1.22.2.26 -r 1.22.2.27 src/addrbook.c;  cvs diff -u -r 1.1.4.23 -r 1.1.4.24 src/exportldif.c;  ) > 3.8.0cvs16.patchset
index c54d7fb..aa81455 100644 (file)
@@ -12,7 +12,7 @@ MINOR_VERSION=8
 MICRO_VERSION=0
 INTERFACE_AGE=0
 BINARY_AGE=0
-EXTRA_VERSION=15
+EXTRA_VERSION=16
 EXTRA_RELEASE=
 EXTRA_GTK2_VERSION=
 
index 4350bf2..e08a5e7 100644 (file)
@@ -1804,7 +1804,7 @@ GList *addrbook_get_bookfile_list(AddressBookFile *book) {
        GDir *dir;
        const gchar *dir_name;
        struct stat statbuf;
-       gchar buf[WORK_BUFLEN];
+       gchar buf[WORK_BUFLEN + 1];
        gchar numbuf[WORK_BUFLEN];
        gint len, lenpre, lensuf, lennum;
        long int val, maxval;
@@ -1827,7 +1827,7 @@ GList *addrbook_get_bookfile_list(AddressBookFile *book) {
        }
 
        adbookdir = g_strdup(buf);
-       strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN);
+       strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN - strlen(buf));
 
        if( ( dir = g_dir_open( adbookdir, 0, NULL ) ) == NULL ) {
                book->retVal = MGU_OPEN_DIRECTORY;
@@ -1846,7 +1846,7 @@ GList *addrbook_get_bookfile_list(AddressBookFile *book) {
                gboolean flg;
 
                strncpy(buf, adbookdir, WORK_BUFLEN);
-               strncat(buf, dir_name, WORK_BUFLEN);
+               strncat(buf, dir_name, WORK_BUFLEN - strlen(buf));
                g_stat(buf, &statbuf);
                if (S_ISREG(statbuf.st_mode)) {
                        if (strncmp(
index c96901d..b535d0e 100644 (file)
@@ -197,7 +197,7 @@ static gchar *exportldif_fmt_value( gchar *value ) {
 static gchar *exportldif_fmt_dn(
                ExportLdifCtl *ctl, const ItemPerson *person )
 {
-       gchar buf[ FMT_BUFSIZE ];
+       gchar buf[ FMT_BUFSIZE + 1 ];
        gchar *retVal = NULL;
        gchar *attr = NULL;
        gchar *value = NULL;
@@ -231,23 +231,23 @@ static gchar *exportldif_fmt_dn(
        if( attr ) {
                if( value ) {
                        if( strlen( value ) > 0 ) {
-                               strncat( buf, attr, FMT_BUFSIZE );
-                               strncat( buf, "=", FMT_BUFSIZE );
+                               strncat( buf, attr, FMT_BUFSIZE - strlen(buf) );
+                               strncat( buf, "=", FMT_BUFSIZE - strlen(buf) );
                                if( dupval ) {
                                        /* Format and free duplicated value */
-                                       strncat( buf, dupval, FMT_BUFSIZE );
+                                       strncat( buf, dupval, FMT_BUFSIZE - strlen(buf) );
                                        g_free( dupval );
                                }
                                else {
                                        /* Use original value */
-                                       strncat( buf, value, FMT_BUFSIZE );
+                                       strncat( buf, value, FMT_BUFSIZE - strlen(buf) );
                                }
 
                                /* Append suffix */
                                if( ctl->suffix ) {
                                        if( strlen( ctl->suffix ) > 0 ) {
-                                               strncat( buf, ",", FMT_BUFSIZE );
-                                               strncat( buf, ctl->suffix, FMT_BUFSIZE );
+                                               strncat( buf, ",", FMT_BUFSIZE - strlen(buf) );
+                                               strncat( buf, ctl->suffix, FMT_BUFSIZE - strlen(buf) );
                                        }
                                }