-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

tags 417539 patch
thanks


Issue according to the changelog:
http://www.tinymux.org/changes.txt

- -- Fix buffer overflow in fun_ladd (Issue 282)

BTS in upstream is:
http://code.google.com/p/tinymux/issues/detail?q=282&can=2&colspec=ID%20Type%20Status%20Priority%20Milestone%20Owner%20Summary&id=282

and claims the issue is fixed in revision 1004.

Upstream patch is attached.

- --
Regards,
EddyP
=============================================
"Imagination is more important than knowledge" A.Einstein
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGFGTSY8Chqv3NRNoRAuusAJ9khzkdquRyBWKC0sXtsK4nhG49iQCbBxKQ
+M2AKZGsXEV6an5HGXjl2kw=
=H/fk
-----END PGP SIGNATURE-----
Index: mux/src/funmath.cpp
===================================================================
--- mux/src/funmath.cpp	(revision 1003)
+++ mux/src/funmath.cpp	(revision 1004)
@@ -314,7 +314,8 @@
         }
 
         char *cp = trim_space_sep(fargs[0], &sep);
-        while (cp)
+        while (  cp 
+              && n < (LBUF_SIZE+1)/2)
         {
             char *curr = split_token(&cp, &sep);
             g_aDoubles[n++] = mux_atof(curr);
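Review bot: the bound added to the while condition, "n < (LBUF_SIZE+1)/2", is a derived expression whose link to the declared size of g_aDoubles is not visible in this hunk, so the check and the array can drift apart if either changes. Prefer a named constant shared with the array declaration (or the array's element count), with a short comment on why (LBUF_SIZE+1)/2 is the maximum number of tokens. Also note that once the limit is reached, the remaining tokens in cp are silently skipped and the function goes on with a partial list. If that truncation is intended it should be commented, otherwise return an error to the caller instead.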
Index: mux/CHANGES
===================================================================
--- mux/CHANGES	(revision 1003)
+++ mux/CHANGES	(revision 1004)
@@ -57,6 +57,7 @@
  -- Fix signed / unsigned warning in dump_info() (Issue 276).
  -- Corrected minor typo in @comon section of help.txt. (Issue 275)
  -- Restore newline skipping in wrap(), broken in 2.7.0.2 (Issue 278).
+ -- Fix potential buffer overflow in ladd() (Issue 282). Thanks Jake.
 
 
 Performance Enhancements:
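Review bot: the added CHANGES line names the function and issue number but not the user-visible effect of the fix, namely that the loop in funmath.cpp now stops reading list elements at (LBUF_SIZE+1)/2. Consider adding a few words on that limit so that administrators reading the changelog know that input beyond the cap is no longer processed.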
