This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 0c63e144a55e5d81695bc5b881696d9210e9df42 (commit)
from 961fcfa007a8fb1ee66454e0fe23f674e96756f5 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=0c63e144a55e5d81695bc5b881696d9210e9df42
commit 0c63e144a55e5d81695bc5b881696d9210e9df42
Author: Tim Rühsen <[email protected]>
Date: Sat Feb 29 19:01:40 2020 +0100
ftp: Fix strncpy misuse (leading to buffer overflow)
diff --git a/ftp/ftp.c b/ftp/ftp.c
index 7fe99ab..061eccb 100644
--- a/ftp/ftp.c
+++ b/ftp/ftp.c
@@ -171,9 +171,10 @@ hookup (char *host, int port)
}
if (res->ai_canonname)
- strncpy (hostnamebuf, res->ai_canonname, sizeof (hostnamebuf));
+ strncpy (hostnamebuf, res->ai_canonname, sizeof (hostnamebuf) - 1);
else
- strncpy (hostnamebuf, rhost, sizeof (hostnamebuf));
+ strncpy (hostnamebuf, rhost, sizeof (hostnamebuf) - 1);
+ hostnamebuf[sizeof (hostnamebuf) - 1] = 0;
hostname = hostnamebuf;
free (rhost);
-----------------------------------------------------------------------
Summary of changes:
ftp/ftp.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
hooks/post-receive
--
GNU Inetutils
_______________________________________________
Commit-inetutils mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/commit-inetutils
