diff options
| author | kris <kris@FreeBSD.org> | 2001-01-28 23:58:41 +0000 |
|---|---|---|
| committer | kris <kris@FreeBSD.org> | 2001-01-28 23:58:41 +0000 |
| commit | 94f0c5d9fc47490ff4388cc81182c4829021d43c (patch) | |
| tree | f7232d255f1a1aa5aa8e976cf0b118c79bf2748a /games/maelstrom | |
| parent | 02b355eb31ee6f7113bf2619a57e5073c23fc96d (diff) | |
| download | FreeBSD-ports-94f0c5d9fc47490ff4388cc81182c4829021d43c.zip FreeBSD-ports-94f0c5d9fc47490ff4388cc81182c4829021d43c.tar.gz | |
Fix an exploitable buffer overflow with the HOME environment variable.
No advisory will be released as this port is setgid games and therefore
not a security risk.
Diffstat (limited to 'games/maelstrom')
| -rw-r--r-- | games/maelstrom/files/patch-ad | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/games/maelstrom/files/patch-ad b/games/maelstrom/files/patch-ad new file mode 100644 index 0000000..4fc0f1d --- /dev/null +++ b/games/maelstrom/files/patch-ad @@ -0,0 +1,11 @@ +--- controls.cpp.orig Sun Jan 28 15:51:37 2001 ++++ controls.cpp Sun Jan 28 15:51:49 2001 +@@ -89,7 +89,7 @@ + if ( fname ) { + *fname = datafile; + } +- sprintf(datafile, "%s/%s", home, MAELSTROM_DATA); ++ snprintf(datafile, sizeof(datafile), "%s/%s", home, MAELSTROM_DATA); + if ( (data=fopen(datafile, mode)) == NULL ) + return(NULL); + return(data); |
