[AC21.4] gnuclient buffer overflow fixes
Vin Shelton
acs at xemacs.org
Sun Dec 10 08:08:57 EST 2006
APPROVE COMMIT 21.4
Jerry James <james at xemacs.org> writes:
> lib-src/ChangeLog addition:
>
> 2006-08-11 Jerry James <james at xemacs.org>
>
> * gnuslib.c (disconnect_from_server): shutdown() has been fine on
> Linux for a long time now; use it. Also, don't use length to
> access the buffer unless it is positive, not just nonzero.
> * gnuclient.c (filename_expand): Initialize the last array element
> to get a valid C string in case of overflow. Use strncat to avoid
> buffer overruns.
> * gnuclient.c (main): Use strncpy to avoid buffer overruns.
>
I think my acknowledgement got lost in the great email outage of
2006. (That's my story and I'm stickin' to it.)
Thanks for the patch, Jerry. It has been committed and will appear in
the soon-to-be-released 21.4.20, "Double Solitaire".
- Vin
More information about the XEmacs-Patches
mailing list