Package: openser
Severity: grave
Tags: security
Justification: user security hole

OpenPKG fixed a buffer overflow in openser:
http://www.openpkg.com/security/advisories/OpenPKG-SA-2006.042.html

Patch attached, please upload.

Cheers,
        Moritz

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15)
Security Fix (OpenPKG-SA-2006.042, OpenPKG-TT-E1#29)

Index: modules/permissions/parse_config.c
--- modules/permissions/parse_config.c.orig	2005-06-13 18:47:43 +0200
+++ modules/permissions/parse_config.c	2006-12-26 11:15:25 +0100
@@ -111,8 +111,11 @@
 	except = strstr(str, " EXCEPT ");
 	if (except) {
 		/* exception found */
-		strncpy(str2, str, except-str);
-		str2[except-str] = '\0';
+		int l = except - str;
+		if (l > sizeof(str2) - 1)
+			l = sizeof(str2) - 1;
+		strncpy(str2, str, l);
+		str2[l] = '\0';
 		/* except+8 points to the exception */
 		if (parse_expression_list(except+8, e_exceptions)) {
 			/* error */
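Review bot: "int l" in the EXCEPT branch is compared against "sizeof(str2) - 1", which is a size_t, so the clamp mixes signed and unsigned operands. Declare it as "size_t l = except - str;" instead; the difference cannot be negative because strstr() returns a pointer inside str. The clamp also depends on str2 being an array in this scope rather than a pointer, which these lines do not show. That is worth confirming, since sizeof on a pointer would clamp to the pointer size minus one.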
@@ -121,7 +124,8 @@
 		}
 	} else {
 		/* no exception */
-		strcpy(str2, str);
+		strncpy(str2, str, sizeof(str2)-1);
+		str2[sizeof(str2)-1] = '\0';
 		*e_exceptions = NULL;
 	}
 	
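Review bot: the strncpy() in the no-exception branch silently truncates an over-long expression instead of rejecting it, and the clamp in the EXCEPT branch does the same. In a permissions config parser a cut-off expression may be parsed as a different rule than the one written. Consider checking strlen(str) against sizeof(str2) before copying and taking the error path for input that does not fit, as the parse_expression_list() failure case already does.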
