Fix buffer overflow problem, as reported in
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1356
-- Rafael Laboissiere <rafael@debian.org> Tue, 01 Jul 2008 17:10:33 +0200
Index: libvc-003.dfsg.1/src/vc.c
===================================================================
--- libvc-003.dfsg.1.orig/src/vc.c 2008-07-01 17:19:22.000000000 +0200
+++ libvc-003.dfsg.1/src/vc.c 2008-07-01 17:19:24.000000000 +0200
@@ -25,6 +25,7 @@
#include "vc.h"
#include <stdlib.h>
#include <string.h>
+#define __USE_GNU
#include <stdio.h>
#define BUF_LEN 80
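Review bot: `__USE_GNU` is a glibc-internal macro that `<features.h>` derives on its own; the supported way to request `getline` is a feature-test macro such as `#define _GNU_SOURCE`, placed before the first system header. In this hunk the define comes after `<stdlib.h>` and `<string.h>` (and after `vc.h`, whose own includes are not visible here), so it takes effect only because `<stdio.h>` happens to test that internal name, which is not a stable interface across libc versions. If the prototype ends up missing, `getline` is implicitly declared as returning `int` instead of `ssize_t`. I would move the define to the top of the file as `#define _GNU_SOURCE` and confirm that `strncasecmp` is declared, via `<strings.h>`.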
@@ -832,14 +833,16 @@
int
count_vcards (FILE * fp)
{
- char buf[256];
+ char* line = NULL;
+ size_t len = 0;
int counter = 0;
- while (EOF != fscanf (fp, "%s\n", buf))
- {
- if (0 == strcasecmp (buf, "BEGIN:VCARD"))
- counter++;
- }
+ while (getline (&line, &len, fp) != EOF)
+ if (0 == strncasecmp (line, "BEGIN:VCARD", 11))
+ counter++;
+
+ if (line)
+ free (line);
return counter;
}
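Review bot: The new test `strncasecmp (line, "BEGIN:VCARD", 11)` is a prefix match, so it is not equivalent to the exact token comparison it replaces: a line such as `BEGIN:VCARDX` is now counted, and a `BEGIN:VCARD` preceded by whitespace (which `%s` used to skip) is no longer counted. If an exact match is intended, also check that the byte after the 11-character prefix is `'\0'`, `'\r'` or `'\n'`. The loop should compare against `-1`, the documented failure return of `getline`, rather than `EOF`, i.e. `while (getline (&line, &len, fp) != -1)`, and `free (line);` needs no NULL guard. Because `getline` grows its buffer to fit any line, an input with no newline is now limited only by available memory, so a caller reading untrusted files may want to enforce a size limit before calling `count_vcards`.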