I found a problem with a patch in startup-notification. The strncpy
statements were not copying the correct amount of data due to using
sizeof() instead of strlen() values. Old patch and fixed patch below.
-Michael
Old Patch
$OpenBSD: patch-libsn_sn-util_c,v 1.1 2005/05/25 23:53:37 marcm Exp $
--- libsn/sn-util.c.orig Wed May 25 16:35:54 2005
+++ libsn/sn-util.c Wed May 25 16:37:28 2005
@@ -257,7 +257,7 @@ sn_internal_strdup (const char *str)
char *s;
s = sn_malloc (strlen (str) + 1);
- strcpy (s, str);
+ strncpy (s, str, sizeof(s));
return s;
}
@@ -376,6 +376,6 @@ sn_internal_append_to_string (char
*append_to = sn_realloc (*append_to, *current_len + len + 1);
end = *append_to + *current_len;
- strcpy (end, append);
+ strncpy (end, append, sizeof(end));
*current_len = *current_len + len;
}
New Patch
$OpenBSD: patch-libsn_sn-util_c,v 1.1 2005/05/25 23:53:37 marcm Exp $
--- libsn/sn-util.c.orig Wed May 25 16:35:54 2005
+++ libsn/sn-util.c Wed May 25 16:37:28 2005
@@ -257,7 +257,7 @@ sn_internal_strdup (const char *str)
char *s;
s = sn_malloc (strlen (str) + 1);
- strcpy (s, str);
+ strncpy (s, str, strlen (str) + 1);
return s;
}
@@ -376,6 +376,6 @@ sn_internal_append_to_string (char
*append_to = sn_realloc (*append_to, *current_len + len + 1);
end = *append_to + *current_len;
- strcpy (end, append);
+ strncpy (end, append, len + 1);
*current_len = *current_len + len;
}