Module Name: src Committed By: snj Date: Mon Jun 29 23:57:49 UTC 2009
Modified Files: src/doc [netbsd-4]: CHANGES-4.1 Log Message: Ticket 1331. To generate a diff of this commit: cvs rdiff -u -r1.1.2.160 -r1.1.2.161 src/doc/CHANGES-4.1 Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files.
Modified files: Index: src/doc/CHANGES-4.1 diff -u src/doc/CHANGES-4.1:1.1.2.160 src/doc/CHANGES-4.1:1.1.2.161 --- src/doc/CHANGES-4.1:1.1.2.160 Sun Jun 28 19:52:37 2009 +++ src/doc/CHANGES-4.1 Mon Jun 29 23:57:49 2009 @@ -1,4 +1,4 @@ -# $NetBSD: CHANGES-4.1,v 1.1.2.160 2009/06/28 19:52:37 snj Exp $ +# $NetBSD: CHANGES-4.1,v 1.1.2.161 2009/06/29 23:57:49 snj Exp $ A complete list of changes from the NetBSD 4.0 release to the NetBSD 4.1 release: @@ -3501,3 +3501,26 @@ a possible theoretical attack involving >= 1 billion ammo. [dholland, ticket #1330] +games/hack/extern.h 1.11 +games/hack/hack.do_name.c 1.9, 1.10 +games/hack/hack.eat.c 1.8 +games/hack/hack.end.c 1.12 via patch +games/hack/hack.fight.c 1.10 via patch +games/hack/hack.h 1.13 via patch +games/hack/hack.invent.c 1.12, 1.13 +games/hack/hack.main.c 1.12, 1.13 +games/hack/hack.objnam.c 1.9 +games/hack/hack.options.c 1.9 +games/hack/hack.pri.c 1.11 +games/hack/hack.rip.c 1.10, 1.11 +games/hack/hack.shk.c 1.10 +games/hack/hack.topl.c 1.10, 1.11 +games/hack/hack.unix.c 1.12, 1.13 + + sprintf -> snprintf, plus some use of strlcpy/strlcat where + appropriate. + Fix two serious string-handling bugs (one exploitable, one + probably exploitable) and also add proper checking/paranoia + in several other places. + [dholland, ticket #1331] +