diff options
Diffstat (limited to 'count-vcards-buffer-overflow.diff')
-rw-r--r-- | count-vcards-buffer-overflow.diff | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/count-vcards-buffer-overflow.diff b/count-vcards-buffer-overflow.diff new file mode 100644 index 000000000000..d2841d736841 --- /dev/null +++ b/count-vcards-buffer-overflow.diff @@ -0,0 +1,40 @@ +Fix buffer overflow problem, as reported in +http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1356 + + -- Rafael Laboissiere <rafael@debian.org> Tue, 01 Jul 2008 17:10:33 +0200 + +Index: libvc-003.dfsg.1/src/vc.c +=================================================================== +--- libvc-003.dfsg.1.orig/src/vc.c 2008-07-01 17:19:22.000000000 +0200 ++++ libvc-003.dfsg.1/src/vc.c 2008-07-01 17:19:24.000000000 +0200 +@@ -25,6 +25,7 @@ + #include "vc.h" + #include <stdlib.h> + #include <string.h> ++#define __USE_GNU + #include <stdio.h> + + #define BUF_LEN 80 +@@ -832,14 +833,16 @@ + int + count_vcards (FILE * fp) + { +- char buf[256]; ++ char* line = NULL; ++ size_t len = 0; + int counter = 0; + +- while (EOF != fscanf (fp, "%s\n", buf)) +- { +- if (0 == strcasecmp (buf, "BEGIN:VCARD")) +- counter++; +- } ++ while (getline (&line, &len, fp) != EOF) ++ if (0 == strncasecmp (line, "BEGIN:VCARD", 11)) ++ counter++; ++ ++ if (line) ++ free (line); + + return counter; + } |