Package: calcoo
Version: 1.3.16-1
Severity: normal
Tags: patch
The calcoo package contains the following code in src/b_loadsave.c:
strcpy(settings_filename, getenv("HOME"));
strcat(settings_filename, "/.calcoo");
Here the contents of $HOME are copied into a fixed size buffer without
checking for size first. Were this program setuid/setgid it would be
an exploitable security hole. As it is this is just a minor bug which
should be patched.
The following code is better:
snprintf(settings_filename, sizeof(settings_filename)-1,
"%s/.calcoo", getenv( "HOME" ) );
Steve
--
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.18-xen (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
