Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:12.1
qpopper
security1.diff
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File security1.diff of Package qpopper
diff --git a/common/logit.c b/common/logit.c index 883e465..10ebb53 100644 --- a/common/logit.c +++ b/common/logit.c @@ -160,8 +160,8 @@ vlogit ( FILE *str, /* STREAM to write to, or NULL for syslog */ if ( DEBUGGING && fn != NULL ) { char whence [ 512 ]; int len; - - iLeft -= ( iChunk >= 0 ? iChunk : (int) strlen(msgbuf) ); + + iLeft -= strlen(msgbuf); len = Qsprintf ( whence, " [%s:%zu]", fn, ln ); strncat ( msgbuf, whence, iLeft ); msgbuf [ sizeof(msgbuf) -1 ] = '\0'; /* just to make sure */ @@ -191,7 +191,7 @@ vlogit ( FILE *str, /* STREAM to write to, or NULL for syslog */ syslog ( loglev, "%s", msgbuf) ; } - if ( iChunk == -1 ) { + if ( iChunk >= sizeof(msgbuf) - 1 ) { /* * We blew out the format buffer. */ diff --git a/common/snprintf.c b/common/snprintf.c index 047417e..07ac1c6 100644 --- a/common/snprintf.c +++ b/common/snprintf.c @@ -358,7 +358,12 @@ Qvsnprintf ( char *s, size_t n, const char *format, va_list ap ) limit = atoi ( p ); } else - if ( nState == IN_FORM && bWidth == FALSE ) { + /* This statement originally had nState == IN_FORM + * but we never get here when in state IN_FORM. + * They probably meant IN_CONV. + * If you insist on re-inventing wheels, they invariably + * turn out to be bumpier that the original. --okir */ + if ( nState == IN_CONV && bWidth == FALSE ) { bWidth = TRUE; width = atoi ( p ); } diff --git a/popper/popauth.c b/popper/popauth.c index 012e997..b2fd447 100644 --- a/popper/popauth.c +++ b/popper/popauth.c @@ -788,6 +788,8 @@ char *argv[]; fprintf ( stderr, "%s: \"-%s\" unknown option\n", program, cp ); helpful(); case TRACESW: + if (getuid()) + adios ( HERE, "you are not allowed to do that" ); debug++; open_trace ( argv[1] ); argc--;
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor