[BusyBox-cvs] busybox/coreutils dos2unix.c,1.18,1.19

Erik Andersen andersen at busybox.net
Wed May 5 10:37:51 UTC 2004


Update of /var/cvs/busybox/coreutils
In directory nail:/tmp/cvs-serv18443/coreutils

Modified Files:
	dos2unix.c 
Log Message:
Steve Grubb writes:

Hello,

I found and patched 2 more bugs. The first is a misplaced semi-colon. The second
one is a buffer overflow. I doubt the buffer overflow is triggered in real life.
But you never know what those wily hackers are up to.

Thanks,
Steve Grubb



Index: dos2unix.c
===================================================================
RCS file: /var/cvs/busybox/coreutils/dos2unix.c,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -d -r1.18 -r1.19
--- a/dos2unix.c	15 Mar 2004 08:28:20 -0000	1.18
+++ b/dos2unix.c	5 May 2004 10:37:49 -0000	1.19
@@ -64,7 +64,7 @@
 		c = strlen(tempFn);
 		tempFn[c] = '.';
 		while(1) {
-		    if (c >=BUFSIZ)
+		    if (c >=BUFSIZ-2)
 			bb_error_msg_and_die("unique name not found");
 		    /* Get some semi random stuff to try and make a
 		     * random filename based (and in the same dir as)




More information about the busybox-cvs mailing list