Resolves: bz505605

This commit is contained in:
Neil Horman 2009-06-12 17:51:59 +00:00
parent 9d3289403a
commit faafb29978
2 changed files with 105 additions and 1 deletions

View File

@ -0,0 +1,99 @@
diff -pruN cscope-15.6.orig/src/dir.c cscope-15.6/src/dir.c
--- cscope-15.6.orig/src/dir.c 2006-09-30 10:13:00.000000000 +0200
+++ cscope-15.6/src/dir.c 2009-06-12 16:56:33.000000000 +0200
@@ -129,7 +129,6 @@ sourcedir(char *dirlist)
/* parse the directory list */
dir = strtok(dirlist, DIRSEPS);
while (dir != NULL) {
- int dir_len = strlen(dir);
addsrcdir(dir);
@@ -139,8 +138,7 @@ sourcedir(char *dirlist)
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - dir_len,
+ snprintf(path, PATHLEN, "%s/%s",
srcdirs[i], dir);
addsrcdir(path);
}
@@ -197,7 +195,6 @@ includedir(char *dirlist)
/* parse the directory list */
dir = strtok(dirlist, DIRSEPS);
while (dir != NULL) {
- size_t dir_len = strlen(dir);
addincdir(dir, dir);
@@ -207,8 +204,7 @@ includedir(char *dirlist)
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - dir_len,
+ snprintf(path, PATHLEN, "%s/%s",
srcdirs[i], dir);
addincdir(dir, path);
}
@@ -480,9 +476,6 @@ static void
scan_dir(const char *adir, BOOL recurse_dir)
{
DIR *dirfile;
- int adir_len = strlen(adir);
-
- /* FIXME: no guards against adir_len > PATHLEN, yet */
if ((dirfile = opendir(adir)) != NULL) {
struct dirent *entry;
@@ -494,8 +487,7 @@ scan_dir(const char *adir, BOOL recurse_
&& (strcmp("..",entry->d_name) != 0)) {
struct stat buf;
- sprintf(path,"%s/%.*s", adir,
- PATHLEN - 2 - adir_len,
+ snprintf(path, PATHLEN, "%s/%s", adir,
entry->d_name);
if (lstat(path,&buf) == 0) {
@@ -599,20 +591,19 @@ incfile(char *file, char *type)
if (type[0] == '"' && (s = inviewpath(file)) != NULL) {
addsrcfile(s);
} else {
- size_t file_len = strlen(file);
/* search for the file in the #include directory list */
for (i = 0; i < nincdirs; ++i) {
/* don't include the file from two directories */
- sprintf(name, "%.*s/%s",
- PATHLEN - 2 - file_len, incnames[i],
+ snprintf(name, PATHLEN, "%s/%s",
+ incnames[i],
file);
if (infilelist(name) == YES) {
break;
}
/* make sure it exists and is readable */
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - file_len, incdirs[i],
+ snprintf(path, PATHLEN, "%s/%s",
+ incdirs[i],
file);
if (access(compath(path), READ) == 0) {
addsrcfile(path);
@@ -655,12 +646,11 @@ inviewpath(char *file)
/* if it isn't a full path name and there is a multi-directory
* view path */
if (*file != '/' && vpndirs > 1) {
- int file_len = strlen(file);
/* compute its path from higher view path source dirs */
for (i = 1; i < nvpsrcdirs; ++i) {
- sprintf(path, "%.*s/%s",
- PATHLEN - 2 - file_len, srcdirs[i],
+ snprintf(path, PATHLEN, "%s/%s",
+ srcdirs[i],
file);
if (access(compath(path), READ) == 0) {
return(path);

View File

@ -1,7 +1,7 @@
Summary: C source code tree search and browse tool Summary: C source code tree search and browse tool
Name: cscope Name: cscope
Version: 15.6 Version: 15.6
Release: 3%{?dist} Release: 4%{?dist}
Source0: http://unc.dl.sourceforge.net/sourceforge/cscope/cscope-15.6.tar.gz Source0: http://unc.dl.sourceforge.net/sourceforge/cscope/cscope-15.6.tar.gz
URL: http://cscope.sourceforge.net URL: http://cscope.sourceforge.net
License: BSD License: BSD
@ -18,6 +18,7 @@ Patch1:cscope-15.6-ocs.patch
Patch2:cscope-15.6-xcscope-man.patch Patch2:cscope-15.6-xcscope-man.patch
Patch3:cscope-15.6-sigwinch-linemode.patch Patch3:cscope-15.6-sigwinch-linemode.patch
Patch4:cscope-15.6-qrebuild.patch Patch4:cscope-15.6-qrebuild.patch
Patch5:cscope-15.6-incdir-overflow.patch
%description %description
cscope is a mature, ncurses based, C source code tree browsing tool. It cscope is a mature, ncurses based, C source code tree browsing tool. It
@ -33,6 +34,7 @@ matches for use in file editing.
%patch2 -p1 %patch2 -p1
%patch3 -p1 %patch3 -p1
%patch4 -p1 %patch4 -p1
%patch5 -p1
%build %build
%configure %configure
@ -81,6 +83,9 @@ rm -f %{xemacs_lisp_path}/xcscope.el
rm -f %{emacs_lisp_path}/xcscope.el rm -f %{emacs_lisp_path}/xcscope.el
%changelog %changelog
* Fri Jun 12 2009 Neil Horman <nhorman@redhat.com>
- Fix some buffer overflows (bz 505605)
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 15.6-3 * Tue Feb 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 15.6-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild