[packages/cfingerd.git] / cfingerd-security_format_bug.patch

--- cfingerd-1.4.3/src/main.c.orig	Fri Aug  6 23:33:38 1999
+++ cfingerd-1.4.3/src/main.c	Wed Apr 11 18:55:43 2001
@@ -242,7 +242,7 @@
 	    if (!emulated) {
 		snprintf(syslog_str, sizeof(syslog_str), "%s fingered (internal) from %s", username,
 		    ident_user);
-		syslog(LOG_NOTICE, (char *) syslog_str);
+		syslog(LOG_NOTICE, "%s", (char *) syslog_str);
 	    }

 	    handle_internal(username);
@@ -255,7 +255,7 @@
 		    snprintf(syslog_str, sizeof(syslog_str), "%s fingered from %s",
 			prog_config.p_strings[D_ROOT_FINGER], ident_user);

-		syslog(LOG_NOTICE, (char *) syslog_str);
+		syslog(LOG_NOTICE, "%s", (char *) syslog_str);
 	    }

 	    handle_standard(username);
@@ -265,7 +265,7 @@
 		snprintf(syslog_str, sizeof(syslog_str), "%s %s from %s", username,
 		    prog_config.p_strings[D_FAKE_USER], ident_user);

-		syslog(LOG_NOTICE, (char *) syslog_str);
+		syslog(LOG_NOTICE, "%s", (char *) syslog_str);
 	    }

 	    handle_fakeuser(username);
--- cfingerd-1.4.3/src/rfc1413.c.orig	Sun Aug 29 14:14:25 1999
+++ cfingerd-1.4.3/src/rfc1413.c	Wed Apr 11 18:53:45 2001
@@ -98,7 +98,7 @@

 	if (*(++cp) == ' ') cp++;
 	memset(uname, 0, sizeof(uname));
-	for (xp=uname; *cp != '\0' && *cp!='\r'&&*cp!='\n'&&strlen(uname)<sizeof(uname); cp++)
+	for (xp=uname; *cp != '\0' && *cp!='\r'&&*cp!='\n'&&(strlen(uname)+1)<sizeof(uname); cp++)
 	    *(xp++) = *cp;

 	if (!strlen(uname)) {
Commit	Line	Data
0e04792f	1	--- cfingerd-1.4.3/src/main.c.orig Fri Aug 6 23:33:38 1999
	2	+++ cfingerd-1.4.3/src/main.c Wed Apr 11 18:55:43 2001
	3	@@ -242,7 +242,7 @@
	4	if (!emulated) {
	5	snprintf(syslog_str, sizeof(syslog_str), "%s fingered (internal) from %s", username,
	6	ident_user);
	7	- syslog(LOG_NOTICE, (char *) syslog_str);
	8	+ syslog(LOG_NOTICE, "%s", (char *) syslog_str);
	9	}
	10
	11	handle_internal(username);
	12	@@ -255,7 +255,7 @@
	13	snprintf(syslog_str, sizeof(syslog_str), "%s fingered from %s",
	14	prog_config.p_strings[D_ROOT_FINGER], ident_user);
	15
	16	- syslog(LOG_NOTICE, (char *) syslog_str);
	17	+ syslog(LOG_NOTICE, "%s", (char *) syslog_str);
	18	}
	19
	20	handle_standard(username);
	21	@@ -265,7 +265,7 @@
	22	snprintf(syslog_str, sizeof(syslog_str), "%s %s from %s", username,
	23	prog_config.p_strings[D_FAKE_USER], ident_user);
	24
	25	- syslog(LOG_NOTICE, (char *) syslog_str);
	26	+ syslog(LOG_NOTICE, "%s", (char *) syslog_str);
	27	}
	28
	29	handle_fakeuser(username);
	30	--- cfingerd-1.4.3/src/rfc1413.c.orig Sun Aug 29 14:14:25 1999
	31	+++ cfingerd-1.4.3/src/rfc1413.c Wed Apr 11 18:53:45 2001
	32	@@ -98,7 +98,7 @@
	33
	34	if (*(++cp) == ' ') cp++;
	35	memset(uname, 0, sizeof(uname));
	36	- for (xp=uname; cp != '\0' && cp!='\r'&&*cp!='\n'&&strlen(uname)<sizeof(uname); cp++)
	37	+ for (xp=uname; cp != '\0' && cp!='\r'&&*cp!='\n'&&(strlen(uname)+1)<sizeof(uname); cp++)
	38	(xp++) = cp;
	39
	40	if (!strlen(uname)) {