Files
@ 58c61517779f
Branch filter:
Location: ohnobinki_overlay/net-misc/whois/files/whois-4.7.26-gentoo-security.patch - annotation
58c61517779f
2.8 KiB
text/x-diff
media-sound/shell-fm: Remove shell-fm as it's in the prefix tree now.
c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c c49126f7ac6c | --- whois-4.7.26/whois.c
+++ whois-4.7.26/whois.c
@@ -87,7 +87,7 @@
/* RIPE flags */
if (strchr(ripeflags, ch)) {
for (p = fstring; *p; p++);
- sprintf(p--, "-%c ", ch);
+ snprintf(p--, sizeof(fstring), "-%c ", ch);
continue;
}
if (strchr(ripeflagsp, ch)) {
@@ -141,10 +141,10 @@
while (1) {
qslen += strlen(*argv) + 1 + 1;
qstring = realloc(qstring, qslen);
- strcat(qstring, *argv++);
+ strncat(qstring, *argv++, qslen-1);
if (argc == 1)
break;
- strcat(qstring, " ");
+ strncat(qstring, " ", qslen-1);
argc--;
}
}
@@ -467,8 +467,10 @@
char *buf, *p;
int i, isripe = 0;
+ /* buflen was always 0 in original patch and buf was allocated twice /Aye */
/* 64 bytes reserved for server-specific flags added later */
- buf = malloc(strlen(flags) + strlen(query) + strlen(client_tag) + 64);
+ int buflen = strlen(flags) + strlen(query) + strlen(client_tag) + 64;
+ buf = malloc(buflen);
*buf = '\0';
for (i = 0; ripe_servers[i]; i++)
if (streq(server, ripe_servers[i])) {
@@ -481,7 +483,7 @@
if (*flags) {
if (!isripe && !streq(server, "whois.corenic.net"))
puts(_("Warning: RIPE flags used with a traditional server."));
- strcat(buf, flags);
+ strncat(buf, flags, buflen-1);
}
#ifdef HAVE_LIBIDN
@@ -490,28 +492,28 @@
*/
if (streq(server, "whois.denic.de") && domcmp(query, ".de")
&& !strchr(query, ' ') && !*flags)
- sprintf(buf, "-T dn,ace -C US-ASCII %s", query);
+ snprintf(buf, buflen-1, "-T dn,ace -C US-ASCII %s", query);
else
/* here we have another registrar who could not make things simple
* -C sets the language for both input and output
*/
if (!isripe && streq(server, "whois.cat") && domcmp(query, ".cat")
&& !strchr(query, ' '))
- sprintf(buf, "-C US-ASCII ace %s", query);
+ snprintf(buf, buflen-1, "-C US-ASCII ace %s", query);
else
#endif
if (!isripe && (streq(server, "whois.nic.mil") ||
streq(server, "whois.nic.ad.jp")) &&
strncaseeq(query, "AS", 2) && isasciidigit(query[2]))
/* FIXME: /e is not applied to .JP ASN */
- sprintf(buf, "AS %s", query + 2); /* fix query for DDN */
+ snprintf(buf, buflen-1, "AS %s", query + 2); /* fix query for DDN */
else if (!isripe && (streq(server, "whois.nic.ad.jp") ||
streq(server, "whois.jprs.jp"))) {
char *lang = getenv("LANG"); /* not a perfect check, but... */
if (!lang || !strneq(lang, "ja", 2))
- sprintf(buf, "%s/e", query); /* ask for english text */
+ snprintf(buf, buflen-1, "%s/e", query); /* ask for english text */
else
- strcat(buf, query);
+ strncat(buf, query, buflen-1);
} else if (!isripe && streq(server, "whois.arin.net") &&
(p = strrchr(query, '/'))) {
strncat(buf, query, p - query); /* strip CIDR */
|