[Commits] [SCM] claws branch, master, updated. 3.11.1-35-ga8df3ae

mones at claws-mail.org mones at claws-mail.org
Sat Nov 29 22:55:36 CET 2014


The branch, master has been updated
       via  a8df3ae48ad5732018934b378abb11a022735c5e (commit)
      from  5c904ffa6257f591d0ffde8d90faa592bc384270 (commit)

Summary of changes:
 src/plugins/tnef_parse/ytnef.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


- Log -----------------------------------------------------------------
commit a8df3ae48ad5732018934b378abb11a022735c5e
Author: Ricardo Mones <ricardo at mones.org>
Date:   Sat Nov 29 22:53:33 2014 +0100

    Fix possible buffer overflow (CVE 2010-5109)
    
    Patch by Petr Písař <ppisar at redhat.com>
    RedHat bug: https://bugzilla.redhat.com/show_bug.cgi?id=831322
    Debian bug: https://bugs.debian.org/771360

diff --git a/src/plugins/tnef_parse/ytnef.c b/src/plugins/tnef_parse/ytnef.c
index a2e7ed3..9184836 100644
--- a/src/plugins/tnef_parse/ytnef.c
+++ b/src/plugins/tnef_parse/ytnef.c
@@ -1352,7 +1352,7 @@ unsigned char *DecompressRTF(variableLength *p, int *size) {
 
     comp_Prebuf.size = strlen(RTF_PREBUF);
     comp_Prebuf.data = calloc(comp_Prebuf.size + 1, 1);
-    strcpy(comp_Prebuf.data, RTF_PREBUF);
+    memcpy(comp_Prebuf.data, RTF_PREBUF, comp_Prebuf.size);
 
     src = p->data;
     in = 0;
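
Review bot: the `calloc()` result assigned to `comp_Prebuf.data`, on the context line directly above the changed copy, is used without a NULL check, so an allocation failure turns the new `memcpy()` into a write through a NULL pointer, exactly as the old `strcpy()` would have been. Suggest testing `comp_Prebuf.data` and bailing out of `DecompressRTF` before the copy. Two smaller points: the `memcpy()` copies only `comp_Prebuf.size` bytes and so relies on `calloc()` having zeroed the extra byte of the `comp_Prebuf.size + 1` allocation for termination, which deserves a one-line comment; and in the lines shown both the old and the new call stay within that allocation, so the commit message would be clearer if it said which write this change is meant to bound.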

-----------------------------------------------------------------------


hooks/post-receive
-- 
Claws Mail

