Yes, sorry, please find it attached this time.
On Fri, Apr 18, 2008 at 12:02:03PM +0000, brian m. carlson wrote:
> On Fri, Apr 18, 2008 at 10:05:19AM +0200, أحمد المحمودي wrote:
>> Hello,
>>
>> I updated the 05_overflow.diff patch (please review the file
>> attached).
>
> You forgot the attachment. Also, I don't think that you need to upload
> it to experimental instead, just fix the bugs in unstable. I believe
> the security team will ask debian-release to remove the package from
> testing. If anything I said is incorrect, I'm sure Moritz will correct
> me. :-)
---end quoted text---
--
أحمد المحمودي (Ahmed El-Mahmoudy)
Digital design engineer
SySDSoft, Inc.
GPG KeyID: 0x9DCA0B27 (@ subkeys.pgp.net)
GPG Fingerprint: 087D 3767 8CAC 65B1 8F6C 156E D325 C3C8 9DCA 0B27
Index: acon-1.0.5/acon.c
===================================================================
--- acon-1.0.5.orig/acon.c 2008-04-18 08:45:45.000000000 +0200
+++ acon-1.0.5/acon.c 2008-04-18 08:45:48.000000000 +0200
@@ -50,7 +50,7 @@
font[0]=translation[0]=keymap[0]=0;
if((env=getenv("HOME")))
- sprintf(tmp,"%s/.acon.conf",env);
+ snprintf(tmp,sizeof(tmp),"%s/.acon.conf",env);
else
strcpy(tmp,"/etc/acon.conf");
if((fp=fopen(tmp,"r"))==NULL)
Index: acon-1.0.5/arabicfont.c
===================================================================
--- acon-1.0.5.orig/arabicfont.c 2008-04-18 08:45:45.000000000 +0200
+++ acon-1.0.5/arabicfont.c 2008-04-18 08:45:48.000000000 +0200
@@ -613,7 +613,7 @@
y=16; /*Only support 8x16 fonts now*/
if(path[0]!='/')
- sprintf(tmp,"%s/fonts/%s",DATAPATH,path);
+ snprintf(tmp,sizeof(tmp),"%s/fonts/%s",DATAPATH,path);
else
strcpy(tmp,path);
set_user_id();
@@ -699,12 +699,12 @@
if(path)
{
if(path[0]!='/')
- sprintf(tmp,"loadkeys %s/keymaps/%s >& /dev/null",DATAPATH,path);
+ snprintf(tmp,sizeof(tmp),"loadkeys %s/keymaps/%s >& /dev/null",DATAPATH,path);
else
- sprintf(tmp,"loadkeys %s >& /dev/null",path);
+ snprintf(tmp,sizeof(tmp),"loadkeys %s >& /dev/null",path);
}
else
- sprintf(tmp,"loadkeys %s/keymaps/iso8859-6.map",DATAPATH);
+ snprintf(tmp,sizeof(tmp),"loadkeys %s/keymaps/iso8859-6.map",DATAPATH);
if(my_system(tmp))
printf("Error executing : %s \n",tmp);
@@ -743,7 +743,7 @@
}
if(path[0]!='/')
- sprintf(tmp,"%s/translations/%s",DATAPATH,path);
+ snprintf(tmp,sizeof(tmp),"%s/translations/%s",DATAPATH,path);
else
strcpy(tmp,path);
if((fp=fopen(tmp,"r"))==NULL)
Index: acon-1.0.5/child.c
===================================================================
--- acon-1.0.5.orig/child.c 2008-04-18 08:45:45.000000000 +0200
+++ acon-1.0.5/child.c 2008-04-18 08:45:48.000000000 +0200
@@ -101,7 +101,7 @@
printf("Acon: can't know HOME directory\n");
return;
}
- sprintf(tmp,"%s/.acon.conf",env);
+ snprintf(tmp,sizeof(tmp),"%s/.acon.conf",env);
if((fp=fopen(tmp,"w"))==NULL)
{
printf("Acon: can't save %s\n",tmp);
Index: acon-1.0.5/menu.c
===================================================================
--- acon-1.0.5.orig/menu.c 2008-04-18 08:45:45.000000000 +0200
+++ acon-1.0.5/menu.c 2008-04-18 08:45:48.000000000 +0200
@@ -55,10 +55,11 @@
int drawmenuxy(int vcsa,int x,int y,int xwidth,int ywidth,char **menu,int num)
{
int i,z,starty=0,select=0;
- unsigned char line[400];
+ unsigned char *line;
int ch;
int currentconsole;
+ line=(unsigned char *) malloc(((xwidth*2)+3)*sizeof(unsigned char));
currentconsole=getactive();
while(1)
@@ -120,9 +121,11 @@
break;
case 13: /*Enter*/
case ' ':
+ free(line);
return select;
case 'r':
case 3:
+ free(line);
return -1;
}
@@ -130,6 +133,7 @@
if( currentconsole!=getactive())
{
consoleswitched=1;
+ free(line);
return -1;
}
@@ -138,6 +142,7 @@
if(select>starty+ywidth-1)starty++;
if(select<starty)starty--;
}
+ free(line);
}
char *getfile(int vcsa,char *path)
@@ -204,7 +209,7 @@
char *getuserinput(int vcsa,const char *p,char *str)
{
- unsigned char line[400];
+ unsigned char *line;
int ypos;
int xwidth;
int ch,i,startpos;
@@ -214,6 +219,7 @@
str[0]=0;
ypos=getmaxy()/2-2;
xwidth=getmaxx()-10;
+ line=(unsigned char *) malloc(((xwidth*2)-2)*sizeof(unsigned char));
line[0]=0x86;
line[1]=COLORN;
@@ -251,8 +257,10 @@
switch(ch)
{
case 13: /*Enter*/
+ free(line);
return str;
case 3:
+ free(line);
return NULL;
case 127:
if(*str)
@@ -267,11 +275,13 @@
if( currentconsole!=getactive())
{
consoleswitched=1;
+ free(line);
return NULL;
}
}while(ch==256);
}
+ free(line);
}
void options(int vcsa)
Index: acon-1.0.5/render.c
===================================================================
--- acon-1.0.5.orig/render.c 2008-04-18 08:47:21.000000000 +0200
+++ acon-1.0.5/render.c 2008-04-18 08:51:29.000000000 +0200
@@ -112,9 +112,10 @@
void processlineLTR(unsigned char *line,int len)
{
int i,z,loc=0,change=0,tochange=0,locn,tmp,startofline=1;
- char buf[400];
+ char *buf;
unsigned char curloc[200];
int lang=0; /*0=english 1=arabic*/
+ buf=(char *) malloc(sizeof(line));
for(i=0;i<len;i+=2)
{
@@ -195,15 +196,18 @@
if(curloc[i]==scrn.x)
{scrn.x=i;break;}
+ free(buf);
}
void processlineRTL(unsigned char *line,int len)
{
int i,z,loc=0,tmp,startofline=1,tochange=0,change=0;
- char buf[400];
+ char *buf;
char curloc[200];
int lang=1; /*0=english 1=arabic*/
+ buf=(char *) malloc(sizeof(line));
+
for(i=0;i<len;i+=2)
{
newline[i/2]=isotocp(line[i]);
@@ -266,6 +270,7 @@
for(i=len/2;i>=0;i--)
if(curloc[i]==scrn.x)
{scrn.x=i;break;}
+ free(buf);
}
unsigned char lastchr;
@@ -325,7 +330,7 @@
{
unsigned int i;
static unsigned char oldx=255,oldy;
- char line[400];
+ char *line;
lseek(consolevc,0,SEEK_SET);
lseek(ttyvc,4,SEEK_SET);
@@ -335,6 +340,8 @@
return 1;
}
+ line=(char *) malloc(((scrn.cols*2)+3)*sizeof(char));
+
line[0]=0,line[scrn.cols*2]=0,line[scrn.cols*2+2]=0;
if(oldx==255)oldx=scrn.x,oldy=scrn.y;
@@ -359,5 +366,6 @@
lseek(ttyvc,0,SEEK_SET);
write(ttyvc,&scrn,4);
oldx=scrn.x,oldy=scrn.y;
+ free(line);
return 0;
}
