fix trivial buffer overflows, spellcheck
This commit is contained in:
dugsong
parent
da47713e6f
commit
263eb4e23f
23
misc/dialog/patches/patch-ab
Normal file
23
misc/dialog/patches/patch-ab
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
--- guage.c.orig Mon Nov 8 14:08:43 1999
|
||||||
|
+++ guage.c Mon Nov 8 14:36:22 1999
|
||||||
|
@@ -86,16 +86,16 @@
|
||||||
|
|
||||||
|
if (feof (stdin))
|
||||||
|
break;
|
||||||
|
- gets (buf);
|
||||||
|
+ fgets (buf, sizeof(buf), stdin);
|
||||||
|
if (buf[0] == 'X') {
|
||||||
|
/* Next line is percentage */
|
||||||
|
- gets (buf);
|
||||||
|
+ fgets (buf, sizeof(buf), stdin);
|
||||||
|
percent = atoi (buf);
|
||||||
|
|
||||||
|
/* Rest is message text */
|
||||||
|
prompt_buf[0] = '\0';
|
||||||
|
- while (strncmp (gets (buf), "XXX", 3))
|
||||||
|
- strcat (prompt_buf, buf);
|
||||||
|
+ while (strncmp (fgets (buf, sizeof(buf), stdin), "XXX", 3))
|
||||||
|
+ strlcat (prompt_buf, buf, sizeof(prompt_buf));
|
||||||
|
prompt = prompt_buf;
|
||||||
|
} else
|
||||||
|
percent = atoi (buf);
|
||||||
20
misc/dialog/patches/patch-ac
Normal file
20
misc/dialog/patches/patch-ac
Normal file
@ -0,0 +1,20 @@
|
|||||||
|
--- dialog.c.orig Mon Nov 8 14:48:14 1999
|
||||||
|
+++ dialog.c Mon Nov 8 14:48:42 1999
|
||||||
|
@@ -56,7 +56,7 @@
|
||||||
|
{"--radiolist", 9, 0, 3, j_radiolist},
|
||||||
|
{"--inputbox", 5, 6, 1, j_inputbox},
|
||||||
|
#ifdef HAVE_GUAGE
|
||||||
|
- {"--guage", 6, 6, 1, j_guage},
|
||||||
|
+ {"--gauge", 6, 6, 1, j_guage},
|
||||||
|
#endif
|
||||||
|
{NULL, 0, 0, 0, NULL}
|
||||||
|
};
|
||||||
|
@@ -197,7 +197,7 @@
|
||||||
|
\n --checklist <text> <height> <width> <list height> <tag1> <item1> <status1>...\
|
||||||
|
\n --radiolist <text> <height> <width> <list height> <tag1> <item1> <status1>...\n",name);
|
||||||
|
#ifdef HAVE_GUAGE
|
||||||
|
-fprintf(stderr," --guage <text> <height> <width> <percent>\n");
|
||||||
|
+fprintf(stderr," --gauge <text> <height> <width> <percent>\n");
|
||||||
|
#endif
|
||||||
|
exit (-1);
|
||||||
|
}
|
||||||
29
misc/dialog/patches/patch-ad
Normal file
29
misc/dialog/patches/patch-ad
Normal file
@ -0,0 +1,29 @@
|
|||||||
|
--- dialog.man.orig Mon Nov 8 14:49:01 1999
|
||||||
|
+++ dialog.man Mon Nov 8 14:49:52 1999
|
||||||
|
@@ -41,7 +41,7 @@
|
||||||
|
.BR yes/no " box," " menu" " box," " input" " box,"
|
||||||
|
.BR message " box," " text" " box," " info" " box,"
|
||||||
|
'\" NOHAVEGUAGE
|
||||||
|
-.BR guage " box,"
|
||||||
|
+.BR gauge " box,"
|
||||||
|
'\" NOHAVEGUAGE
|
||||||
|
.BR checklist " box, and" " radiolist" " box."
|
||||||
|
.SH OPTIONS
|
||||||
|
@@ -189,14 +189,14 @@
|
||||||
|
.IR status " to " on "."
|
||||||
|
|
||||||
|
'\" NOHAVEGUAGE
|
||||||
|
-.IP "\fB\-\-guage \fItext height width percent\fR"
|
||||||
|
-.RB "A " guage " box displays a meter along the bottom of the box.
|
||||||
|
+.IP "\fB\-\-gauge \fItext height width percent\fR"
|
||||||
|
+.RB "A " gauge " box displays a meter along the bottom of the box.
|
||||||
|
The meter indicates the percentage. New percentages are read from
|
||||||
|
standard input, one integer per line. The meter is updated
|
||||||
|
to reflect each new percentage. If stdin is XXX, then the first
|
||||||
|
line following is taken as an integer percentage, then subsequent
|
||||||
|
lines up to another XXX are used for a new prompt.
|
||||||
|
-The guage exits when EOF is reached on stdin.
|
||||||
|
+The gauge exits when EOF is reached on stdin.
|
||||||
|
|
||||||
|
'\" NOHAVEGUAGE
|
||||||
|
'\" NOHAVERC
|
||||||
5
misc/dialog/pkg/SECURITY
Normal file
5
misc/dialog/pkg/SECURITY
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
fixed some trivial buffer overflows in guage.c
|
||||||
|
|
||||||
|
other boundary checking errors abound, not just in string manipulation -
|
||||||
|
e.g. draw_* routines, etc. nothing security-critical, just not robust.
|
||||||
|
|
||||||
Loading…
Reference in New Issue
Block a user