On Sat, Jan 24, 2004 at 12:36:27AM +0100, Marco Herrn wrote: > * Package name : hatari > Version : 0.45 > Upstream Author : Thomas Huth <[EMAIL PROTECTED]> > * URL : http://hatari.sourceforge.net/ > * License : GPL > Description : Atari ST emulator
A minor patch is included below which would be nice to include. Steve -- # Debian Security Audit Project http://www.steve.org.uk/Debian/ --- configuration.c-orig 2004-01-24 00:28:01.000000000 +0000 +++ configuration.c 2004-01-24 00:28:15.000000000 +0000 @@ -249,7 +249,7 @@ /* Initialize the configuration file name */ homeDir = getenv("HOME"); if(homeDir != NULL && homeDir[0] != 0 && strlen(homeDir) < sizeof(cfgName)-13) - sprintf(cfgName, "%s/.hatari.cfg", homeDir); + snprintf(cfgName, sizeof(cfgName)-1, "%s/.hatari.cfg", homeDir); else strcpy(cfgName, "hatari.cfg"); } --- printer.c-orig 2004-01-24 00:26:46.000000000 +0000 +++ printer.c 2004-01-24 00:27:13.000000000 +0000 @@ -66,7 +66,7 @@ { /* construct filename for printing.... */ if(getenv("HOME")!=NULL) - sprintf(ConfigureParams.Printer.szPrintToFileName, "%s%s", getenv("HOME"), PRINTER_FILENAME); + snprintf(ConfigureParams.Printer.szPrintToFileName, sizeof(ConfigureParams.Printer.szPrintToFileName)-1, "%s%s", getenv("HOME"), PRINTER_FILENAME); else sprintf(ConfigureParams.Printer.szPrintToFileName, ".%s",PRINTER_FILENAME); }
