r2192 - trunk/tar

bdubbs at linuxfromscratch.org bdubbs at linuxfromscratch.org
Sun May 2 21:08:21 PDT 2010


Author: bdubbs
Date: 2010-05-02 22:08:21 -0600 (Sun, 02 May 2010)
New Revision: 2192

Added:
   trunk/tar/tar-1.23-overflow_fix-1.patch
Log:
Add a patch for tar to fix a buffer overflow error

Added: trunk/tar/tar-1.23-overflow_fix-1.patch
===================================================================
--- trunk/tar/tar-1.23-overflow_fix-1.patch	                        (rev 0)
+++ trunk/tar/tar-1.23-overflow_fix-1.patch	2010-05-03 04:08:21 UTC (rev 2192)
@@ -0,0 +1,41 @@
+Submitted By:            Bruce Dubbs <bdubbs_at_linuxfromscratch_dot_org>
+Date:                    2010-05-02
+Initial Package Version: 1.22
+Upstream Status:         Submitted
+Origin:                  http://wiki.linuxfromscratch.org/lfs/ticket/2651 
+Description:             Fixes a buffer overflow when creating archives 
+                         when built by gcc-4.5
+
+diff -urNp tar-1.22-orig/src/create.c tar-1.22/src/create.c
+--- tar-1.22-orig/src/create.c   2009-07-09 18:38:37.000000000 +0200
++++ tar-1.22/src/create.c  2009-07-09 18:43:44.000000000 +0200
+@@ -578,7 +578,10 @@ write_gnu_long_link (struct tar_stat_inf
+   GNAME_TO_CHARS (tmpname, header->header.gname);
+   free (tmpname);
+ 
+-  strcpy (header->header.magic, OLDGNU_MAGIC);
++  /* OLDGNU_MAGIC is string with 7 chars + NULL */
++  strncpy (header->header.magic, OLDGNU_MAGIC, sizeof(header->header.magic));
++  strncpy (header->header.version, OLDGNU_MAGIC+sizeof(header->header.magic),
++           sizeof(header->header.version));
+   header->header.typeflag = type;
+   finish_header (st, header, -1);
+ 
+@@ -908,9 +911,13 @@ start_header (struct tar_stat_info *st)
+       break;
+ 
+     case OLDGNU_FORMAT:
+-    case GNU_FORMAT:   /*FIXME?*/
+-      /* Overwrite header->header.magic and header.version in one blow.  */
+-      strcpy (header->header.magic, OLDGNU_MAGIC);
++    case GNU_FORMAT:
++      /* OLDGNU_MAGIC is string with 7 chars + NULL */
++      strncpy (header->header.magic, OLDGNU_MAGIC,
++               sizeof(header->header.magic));
++      strncpy (header->header.version,
++               OLDGNU_MAGIC+sizeof(header->header.magic),
++               sizeof(header->header.version));
+       break;
+ 
+     case POSIX_FORMAT:
+




More information about the patches mailing list