From: Ricardo Mones Date: Sat, 29 Nov 2014 21:53:33 +0000 (+0100) Subject: Fix possible buffer overflow (CVE 2010-5109) X-Git-Tag: 3.12.0~206 X-Git-Url: http://git.claws-mail.org/?p=claws.git;a=commitdiff_plain;h=a8df3ae48ad5732018934b378abb11a022735c5e;hp=5c904ffa6257f591d0ffde8d90faa592bc384270;ds=sidebyside Fix possible buffer overflow (CVE 2010-5109) Patch by Petr Písař RedHat bug: https://bugzilla.redhat.com/show_bug.cgi?id=831322 Debian bug: https://bugs.debian.org/771360 --- diff --git a/src/plugins/tnef_parse/ytnef.c b/src/plugins/tnef_parse/ytnef.c index a2e7ed394..918483607 100644 --- a/src/plugins/tnef_parse/ytnef.c +++ b/src/plugins/tnef_parse/ytnef.c @@ -1352,7 +1352,7 @@ unsigned char *DecompressRTF(variableLength *p, int *size) { comp_Prebuf.size = strlen(RTF_PREBUF); comp_Prebuf.data = calloc(comp_Prebuf.size + 1, 1); - strcpy(comp_Prebuf.data, RTF_PREBUF); + memcpy(comp_Prebuf.data, RTF_PREBUF, comp_Prebuf.size); src = p->data; in = 0;
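Review bot: In DecompressRTF, the pointer returned by calloc(comp_Prebuf.size + 1, 1) is still used as the copy destination without a NULL check, so an allocation failure turns the new memcpy into a write through a NULL pointer, just as it did with strcpy. Add a check before the memcpy line, for example `if (comp_Prebuf.data == NULL) return NULL;`, given that the function returns unsigned char *. Separately, as far as these lines show, the destination is sized at strlen(RTF_PREBUF) + 1, so both the old strcpy and the new memcpy stay inside the allocation, and the terminating NUL now comes only from calloc's zero fill. A short comment or a line in the commit message saying which write the overflow concerns, and why copying comp_Prebuf.size bytes addresses it, would make the fix reviewable from the diff alone.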