Patch information for xplanet (1.2.1-3) possible-buffer-overflow


     src/libimage/bmp.c |    4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Patch contents

Description: guard against possible buffer overflow
Origin: upstream, http://xplanet.svn.sf.net/viewvc/xplanet?view=rev&revision=153
--- xplanet-1.2.1.orig/src/libimage/bmp.c
+++ xplanet-1.2.1/src/libimage/bmp.c
@@ -61,10 +61,10 @@
     struct BMPHeader bmph;
 
     /* The length of each line must be a multiple of 4 bytes */
-
     bytesPerLine = (3 * (width + 1) / 4) * 4;
 
-    strcpy(bmph.bfType, "BM");
+    /* copy only "BM" without a terminating null byte */
+    strncpy(bmph.bfType, "BM", 2);
     bmph.bfOffBits = 54;
     bmph.bfSize = bmph.bfOffBits + bytesPerLine * height;
     bmph.bfReserved = 0;

page code/design/content is copyright (c) 2008 sean finney <seanius@debian.org>.
patches viewed/retrieved through this system are copyrighted by their respective authors.
browse git repo - clone git repo

xplanet (1.2.1-3) possible-buffer-overflow

Summary

Patch contents