
On 10/05/11 15:15, David Haller wrote:
Hello,
On Sun, 01 May 2011, Sascha Manns wrote:
I've got a bug report for the boinc-client package: https://bugzilla.novell.com/show_bug.cgi?id=689499.
Maybe someone can help me with this bug? I have searched the whole packaging sources, but didn't find anything and don't have any idea.
So it would be great if anyone can help.
Have a nice rest of the weekend. :-) Sascha
It is a security hole, specifically a buffer overflow. Where do I get the package sources *exactly* to take a look?
Someone who knows C better should check that though. AFAIK the limit of PATH_MAX-2 ('/' + '\0' + dirpath (w/o '\0') + filename (w/o '\0')) should be ok, but ...
I would just avoid the whole issue by using asprintf() or a library that has a proper call to check the (approximate) size of a directory...
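The two approaches discussed in this thread, as an added example that is not code from the thread or from boinc-client: a fixed PATH_MAX buffer guarded by the "PATH_MAX-2" length check, and a heap-allocated join. The function names and sample paths are hypothetical, and the heap version uses a measuring snprintf() call plus malloc() as the ISO C equivalent of asprintf(), which is a GNU/BSD extension.

```c
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#ifndef PATH_MAX
#define PATH_MAX 4096 /* fallback when <limits.h> does not expose it */
#endif

/* Fixed buffer: 'out' must hold PATH_MAX bytes.
 * Needed bytes are dlen + 1 ('/') + nlen + 1 ('\0'), so the join fits
 * exactly when dlen + nlen <= PATH_MAX - 2. Returns 0, or -1 if too long. */
int join_fixed(char *out, const char *dir, const char *name)
{
    const size_t limit = (size_t)PATH_MAX - 2;
    size_t dlen = strlen(dir), nlen = strlen(name);

    /* Compare without adding first, so the check itself cannot wrap. */
    if (dlen > limit || nlen > limit - dlen)
        return -1;
    memcpy(out, dir, dlen);
    out[dlen] = '/';
    memcpy(out + dlen + 1, name, nlen + 1); /* copies the '\0' too */
    return 0;
}

/* Heap version: no fixed limit to get wrong. Caller frees the result.
 * Same effect as asprintf(&p, "%s/%s", dir, name). */
char *join_alloc(const char *dir, const char *name)
{
    int n = snprintf(NULL, 0, "%s/%s", dir, name); /* measure only */
    if (n < 0)
        return NULL;
    char *p = malloc((size_t)n + 1);
    if (p != NULL)
        snprintf(p, (size_t)n + 1, "%s/%s", dir, name);
    return p;
}

int main(void)
{
    char buf[PATH_MAX];
    /* Constructed sample input, not paths from the bug report. */
    if (join_fixed(buf, "/tmp/projects", "file.dat") == 0)
        puts(buf);
    char *p = join_alloc("/tmp/projects", "file.dat");
    if (p != NULL) { puts(p); free(p); }
    return 0;
}
```

A path longer than PATH_MAX can still be rejected later by the kernel, so the heap version removes the overflow but not the need to handle an open or stat failure.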