-
Reference also ttylog patch (SF) 2890964.
2009-11-02 22:15:57 UTC by jame
-
Reference also http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=553945.
2009-11-02 22:14:25 UTC by jame
-
--- ttylog.c.orig 2009-11-02 11:09:39.000000000 +0000
+++ ttylog.c 2009-11-02 11:10:25.000000000 +0000
@@ -79,7 +79,9 @@
{
if (argv[i + 1] != NULL)
{
- strcpy (modem_device, argv[i + 1]);
+ memset( modem_device, '\0', sizeof(modem_device));
+ strncpy (modem_device, argv[i + 1],sizeof(modem_device)-1);
+
}
else
{.
2009-11-02 22:13:55 UTC by jame
-
The program uses strcpy to copy the specified device name into a fixed buffer.
This program isn't a security-sensitive one so the issue is minor, but the bug should be fixed:
skx@gold:$ /usr/sbin/ttylog -d `perl -e 'print "X"x3000'`
Segmentation fault
Patch included to turn this into:
(139) skx@gold:/tmp/foo/ttylog-0.1.c$ ./ttylog -d `perl -e 'print
"X"x3000'`
./ttylog:
2009-11-02 22:05:00 UTC by jame
-
jame committed revision 112 to the ttylog - a serial port logger SVN repository, changing 1 files.
2009-08-23 01:06:23 UTC by jame
-
Migrated the ttylog SVN repostory to a GIT repository at git://ttylog.git.sourceforge.net/gitroot/ttylog/ttylog.git. It can be browsed at http://ttylog.git.sourceforge.net/git/gitweb.cgi?p=ttylog/ttylog.git.
2009-08-22 23:40:54 UTC by jame
-
jame committed revision 111 to the ttylog - a serial port logger SVN repository, changing 1 files.
2009-07-25 17:39:29 UTC by jame
-
jame committed revision 110 to the ttylog - a serial port logger SVN repository, changing 1 files.
2009-07-25 17:38:39 UTC by jame
-
jame committed revision 109 to the ttylog - a serial port logger SVN repository, changing 1 files.
2009-07-25 17:20:43 UTC by jame
-
jame committed revision 108 to the ttylog - a serial port logger SVN repository, changing 1 files.
2009-07-25 17:18:54 UTC by jame
