[Commits] addrbook.c 1.22.2.26 1.22.2.27 exportldif.c 1.1.4.23 1.1.4.24

pawel at claws-mail.org pawel at claws-mail.org
Fri Jan 20 23:56:54 CET 2012 

Update of /home/claws-mail/claws/src
In directory srv:/tmp/cvs-serv518/src

Modified Files:
      Tag: gtk2
	addrbook.c exportldif.c 
Log Message:
2012-01-20 [pawel]	3.8.0cvs16

	* src/addrbook.c
	* src/exportldif.c
		Fix bug #2574 'Statement might be overflowing a
		buffer in strncat'

Index: addrbook.c
===================================================================
RCS file: /home/claws-mail/claws/src/addrbook.c,v
retrieving revision 1.22.2.26
retrieving revision 1.22.2.27
diff -u -d -r1.22.2.26 -r1.22.2.27
--- addrbook.c	28 Nov 2011 21:47:33 -0000	1.22.2.26
+++ addrbook.c	20 Jan 2012 22:56:52 -0000	1.22.2.27
@@ -1804,7 +1804,7 @@
 	GDir *dir;
 	const gchar *dir_name;
 	struct stat statbuf;
-	gchar buf[WORK_BUFLEN];
+	gchar buf[WORK_BUFLEN + 1];
 	gchar numbuf[WORK_BUFLEN];
 	gint len, lenpre, lensuf, lennum;
 	long int val, maxval;
@@ -1827,7 +1827,7 @@
 	}
 
 	adbookdir = g_strdup(buf);
-	strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN);
+	strncat(buf, ADDRBOOK_PREFIX, WORK_BUFLEN - strlen(buf));
 
 	if( ( dir = g_dir_open( adbookdir, 0, NULL ) ) == NULL ) {
 		book->retVal = MGU_OPEN_DIRECTORY;
@@ -1846,7 +1846,7 @@
 		gboolean flg;
 
 		strncpy(buf, adbookdir, WORK_BUFLEN);
-		strncat(buf, dir_name, WORK_BUFLEN);
+		strncat(buf, dir_name, WORK_BUFLEN - strlen(buf));
 		g_stat(buf, &statbuf);
 		if (S_ISREG(statbuf.st_mode)) {
 			if (strncmp(

Index: exportldif.c
===================================================================
RCS file: /home/claws-mail/claws/src/exportldif.c,v
retrieving revision 1.1.4.23
retrieving revision 1.1.4.24
diff -u -d -r1.1.4.23 -r1.1.4.24
--- exportldif.c	17 Oct 2011 11:02:44 -0000	1.1.4.23
+++ exportldif.c	20 Jan 2012 22:56:52 -0000	1.1.4.24
@@ -197,7 +197,7 @@
 static gchar *exportldif_fmt_dn(
 		ExportLdifCtl *ctl, const ItemPerson *person )
 {
-	gchar buf[ FMT_BUFSIZE ];
+	gchar buf[ FMT_BUFSIZE + 1 ];
 	gchar *retVal = NULL;
 	gchar *attr = NULL;
 	gchar *value = NULL;
@@ -231,23 +231,23 @@
 	if( attr ) {
 		if( value ) {
 			if( strlen( value ) > 0 ) {
-				strncat( buf, attr, FMT_BUFSIZE );
-				strncat( buf, "=", FMT_BUFSIZE );
+				strncat( buf, attr, FMT_BUFSIZE - strlen(buf) );
+				strncat( buf, "=", FMT_BUFSIZE - strlen(buf) );
 				if( dupval ) {
 					/* Format and free duplicated value */
-					strncat( buf, dupval, FMT_BUFSIZE );
+					strncat( buf, dupval, FMT_BUFSIZE - strlen(buf) );
 					g_free( dupval );
 				}
 				else {
 					/* Use original value */
-					strncat( buf, value, FMT_BUFSIZE );
+					strncat( buf, value, FMT_BUFSIZE - strlen(buf) );
 				}
 
 				/* Append suffix */
 				if( ctl->suffix ) {
 					if( strlen( ctl->suffix ) > 0 ) {
-						strncat( buf, ",", FMT_BUFSIZE );
-						strncat( buf, ctl->suffix, FMT_BUFSIZE );
+						strncat( buf, ",", FMT_BUFSIZE - strlen(buf) );
+						strncat( buf, ctl->suffix, FMT_BUFSIZE - strlen(buf) );
 					}
 				}

More information about the Commits mailing list