diff --git a/boinc-client-dynamic_buffers.patch b/boinc-client-dynamic_buffers.patch new file mode 100644 index 0000000..4c2753c --- /dev/null +++ b/boinc-client-dynamic_buffers.patch @@ -0,0 +1,41 @@ +Index: lib/filesys.cpp +=================================================================== +--- lib/filesys.cpp.orig 2011-05-16 18:13:03.000000000 +0200 ++++ lib/filesys.cpp 2011-05-16 18:49:23.426248908 +0200 +@@ -36,6 +36,7 @@ + #include + #include + #include ++#include + + #ifdef HAVE_SYS_RESOURCE_H + #include +@@ -371,7 +372,8 @@ int dir_size(const char* dirpath, double + } while (FindNextFileA(hFind, &findData)); + ::FindClose(hFind); + #else +- char filename[256], subdir[256]; ++ char filename[PATH_MAX]; ++ char *subdir; + int retval=0; + DIRREF dirp; + double x; +@@ -382,7 +384,7 @@ int dir_size(const char* dirpath, double + while (1) { + retval = dir_scan(filename, dirp, sizeof(filename)); + if (retval) break; +- sprintf(subdir, "%s/%s", dirpath, filename); ++ asprintf(&subdir, "%s/%s", dirpath, filename); + + if (is_dir(subdir)) { + if (recurse) { +@@ -395,6 +397,9 @@ int dir_size(const char* dirpath, double + if (retval) continue; + size += x; + } ++ ++ if(subdir != NULL) ++ free(subdir); + } + dir_close(dirp); + #endif diff --git a/boinc-client.changes b/boinc-client.changes index bb56168..eadded3 100644 --- a/boinc-client.changes +++ b/boinc-client.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Mon May 16 18:49:58 CEST 2011 - pth@suse.de + +- Avoid buffer overflow in filesys.cpp(dir_size). + ------------------------------------------------------------------- Sun May 1 23:27:45 UTC 2011 - chris@computersalat.de diff --git a/boinc-client.spec b/boinc-client.spec index a3c8cd2..1875820 100644 --- a/boinc-client.spec +++ b/boinc-client.spec @@ -63,6 +63,8 @@ Patch4: boinc-docbook2x.patch Patch5: boinc-server.patch # PATCH-FIX-OPENSUSE saigkill@opensuse.org adds define HAVE_STRCASESRTR Patch6: boinc-client-str_util.patch +# PATCH-FIX-OPENSUSE pth@suse.de use asprintf to fix buffer overflow +Patch7: boinc-client-dynamic_buffers.patch # BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -180,6 +182,7 @@ This package contains documentation files for %{name}. %patch4 %patch5 %patch6 +%patch7 # Install user hints %{__install} -m0644 %{S:3} README.SUSE