commit xbsql for openSUSE:Factory
Hello community, here is the log from the commit of package xbsql for openSUSE:Factory checked in at Tue Mar 3 00:46:06 CET 2009. -------- --- xbsql/xbsql.changes 2009-01-16 20:28:58.000000000 +0100 +++ /mounts/work_src_done/STABLE/xbsql/xbsql.changes 2009-03-02 23:28:00.000000000 +0100 @@ -1,0 +2,6 @@ +Mon Mar 2 23:27:19 CET 2009 - crrodriguez@suse.de + +- fix build with current compilers, buffer overflow due to + use of strncat.. + +------------------------------------------------------------------- calling whatdependson for head-i586 New: ---- xbsql-0.11-bufferoverflowstrncat.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ xbsql.spec ++++++ --- /var/tmp/diff_new_pack.nq6819/_old 2009-03-03 00:45:54.000000000 +0100 +++ /var/tmp/diff_new_pack.nq6819/_new 2009-03-03 00:45:54.000000000 +0100 @@ -25,9 +25,10 @@ Summary: SQL Wrapper for the XBase Library Url: http://www.quaking.demon.co.uk/xbsql.html Version: 0.11 -Release: 233 +Release: 234 Source0: %name-%version.tar.bz2 Patch0: %name.diff +Patch1: xbsql-0.11-bufferoverflowstrncat.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -44,6 +45,7 @@ %prep %setup -q %patch +%patch1 %build autoreconf -ifv @@ -80,6 +82,9 @@ %_libdir/libxbsql* %changelog +* Mon Mar 02 2009 crrodriguez@suse.de +- fix build with current compilers, buffer overflow due to + use of strncat.. * Fri Jan 16 2009 crrodriguez@suse.de - disable static libraries * Fri Feb 29 2008 coolo@suse.de ++++++ xbsql-0.11-bufferoverflowstrncat.patch ++++++ Index: xbsql/xbsql.cpp =================================================================== --- xbsql/xbsql.cpp.orig 2009-03-02 23:16:12.000000000 +0100 +++ xbsql/xbsql.cpp 2009-03-02 23:23:12.000000000 +0100 @@ -468,7 +468,7 @@ XBSQLTable *XBaseSQL::openTable char name[256]; strncpy (name, table, sizeof(name)) ; - strncat (name, "_", sizeof(name)) ; + strncat (name, "_", sizeof(name) -strlen(name) -1) ; strncat (name, fSet.getFieldName (idx), sizeof(name) - strlen(table) - 1) ; path = getPath (name, "ndx") ; @@ -874,10 +874,10 @@ bool XBaseSQL::renameTable const char *fname = fSet.getFieldName (idx) ; strncpy (_oldName, oldName, sizeof(_oldName)) ; - strncat (_oldName, "_", sizeof(_oldName)) ; + strncat (_oldName, "_", sizeof(_oldName)- strlen(_oldName) -1) ; strncat (_oldName, fname, sizeof(_oldName) - strlen(oldName) - 1) ; strncpy (_newName, newName, sizeof(_newName)) ; - strncat (_newName, "_", sizeof(_newName)) ; + strncat (_newName, "_", sizeof(_newName) - strlen(newName) - 1) ; strncat (_newName, fname, sizeof(_newName) - strlen(newName) - 1) ; oldAnon = getPath (_oldName, "ndx") ; ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de