f6c9102d1a
"Andreas Tille, the Debian WordNet maintainer, noticed a bug in my patch. The bug is not security related, but causes incorrect behaviour in WordNet. I replaced a strncpy(s1, s2, strlen(s2)) with a strcpy forgetting that strncpy invoked that way would always omit the trailing \0 (as the \0 would always be at strlen(s2) + 1). This resulted in a truncation of output from WordNet which relied on the previous behavior which it used to 'patch' s1. I've now adjusted the strncpy to be a memcpy and added a comment, to make the intent of the code clear. (Using a str* function when you don't wish any handling of \0 is unintuitive to me, hence my mistake). [..] Apologies for the error." thanks Rob for the exemplary handling of this advisory. Notifications to package maintainers and follow-ups are almost unheard-of and very welcome. |
||
---|---|---|
.. | ||
patches | ||
pkg | ||
distinfo | ||
Makefile |