[cpl-plugin-kmos] 05/07: Replace strcat calls with size checked strncat calls

Thu Oct 17 09:08:44 UTC 2013

This is an automated email from the git hooks/post-receive script.

olebole-guest pushed a commit to branch debian
in repository cpl-plugin-kmos.

commit 5c81603ecb8d1088da8839fd6e6dbe8bf9fcd924
Author: Ole Streicher <debian at liska.ath.cx>
Date:   Thu Oct 17 11:07:15 2013 +0200

    Replace strcat calls with size checked strncat calls
---
 debian/patches/fortify.patch |   50 ++++++++++++++++++++++++++++++++++++++++++
 debian/patches/series        |    1 +
 2 files changed, 51 insertions(+)

diff --git a/debian/patches/fortify.patch b/debian/patches/fortify.patch
new file mode 100644
index 0000000..074b85a
--- /dev/null
+++ b/debian/patches/fortify.patch
@@ -0,0 +1,50 @@
+Author: Ole Streicher <debian at liska.ath.cx>
+Description: Replace strcat calls with size checked strncat calls
+--- a/recipes/kmo_stats.c
++++ b/recipes/kmo_stats.c
+@@ -856,9 +856,10 @@
+                     sub_header = kmo_dfs_load_sub_header(frameset, STATS, extnr,
+                                                          FALSE));
+ 
+-                strcat(strarr[0],
+-                       cpl_propertylist_get_string(sub_header, EXTNAME));
+-                strcat(strarr[0], "|");
++                strncat(strarr[0],
++			cpl_propertylist_get_string(sub_header, EXTNAME), 
++			1024-strlen(strarr[0])-1);
++                strncat(strarr[0], "|", 1024-strlen(strarr[0])-1);
+                 cpl_propertylist_delete(sub_header); sub_header = NULL;
+ 
+                 KMO_TRY_EXIT_IF_NULL(
+@@ -876,7 +877,7 @@
+                             tmp_str = cpl_sprintf("    -     |"));
+                     }
+ 
+-                    strcat(strarr[i], tmp_str);
++                    strncat(strarr[i], tmp_str, 1024-strlen(strarr[i])-1);
+                     cpl_free(tmp_str); tmp_str = NULL;
+                 }
+                 kmclipm_vector_delete(data_out); data_out = NULL;
+@@ -885,9 +886,10 @@
+                     KMO_TRY_EXIT_IF_NULL(
+                         sub_header = kmo_dfs_load_sub_header(frameset, STATS,
+                                                              extnr, TRUE));
+-                    strcat(strarr[0],
+-                           cpl_propertylist_get_string(sub_header, EXTNAME));
+-                    strcat(strarr[0], "|");
++                    strncat(strarr[0],
++			    cpl_propertylist_get_string(sub_header, EXTNAME), 
++			    1024-strlen(strarr[0])-1);
++                    strncat(strarr[0], "|", 1024-strlen(strarr[0])-1);
+                     cpl_propertylist_delete(sub_header); sub_header = NULL;
+ 
+                     KMO_TRY_EXIT_IF_NULL(
+@@ -906,7 +908,7 @@
+                                 tmp_str = cpl_sprintf("    -     |"));
+                         }
+ 
+-                        strcat(strarr[i], tmp_str);
++                        strncat(strarr[i], tmp_str, 1024-strlen(strarr[i])-1);
+                         cpl_free(tmp_str); tmp_str = NULL;
+                     }
+                     kmclipm_vector_delete(data_out); data_out = NULL;
diff --git a/debian/patches/series b/debian/patches/series
index ba80fae..3b9758c 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -3,3 +3,4 @@ set_plugindir.patch
 use-std-paths-for-cpl.patch
 no_test_data.patch
 propagate_cflags.patch
+fortify.patch

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/debian-science/packages/cpl-plugin-kmos.git

