Revision 1.3, Mon Jul 9 16:39:48 2007 UTC by dim
Branch: MAIN
CVS Tags: OPENBSD_4_2_BASE, OPENBSD_4_2
Changes since 1.2: +3 -4 lines
Fix possible heap overflow in file(1), aka CVE-2007-1536. When writing data into a buffer in the file_printf() function, the length of the unused portion of the buffer is not correctly tracked, resulting in a buffer overflow when processing certain files. Adapted from FreeBSD's SA-07:04.file fix, with ok and some minor tweaks from canacar@ and ray@.