summaryrefslogtreecommitdiff
path: root/ipkg/ipkg-0.99.129/buffer-overflow.patch
blob: 91234fd53f0f3b2f7401d12d9ecfe7d31938df05 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
Index: ipkg_cmd.c
===================================================================
RCS file: /cvs/familiar/dist/ipkg/C/ipkg_cmd.c,v
retrieving revision 1.96
diff -u -r1.96 ipkg_cmd.c
--- C/ipkg_cmd.c	19 Aug 2004 10:55:47 -0000	1.96
+++ C/ipkg_cmd.c	11 Sep 2004 19:43:14 -0000
@@ -860,6 +860,7 @@
      str_list_elt_t *iter;
      char *pkg_version;
      size_t buff_len = 8192;
+     size_t used_len;
      char *buff ;
 
      buff = (char *)malloc(buff_len);
@@ -891,9 +892,20 @@
      }
 #else
      if (buff) {
-	  snprintf(buff, buff_len, "Package %s (%s) is installed on %s and has the following files:\n",
-		   pkg->name, pkg_version, pkg->dest->name);
+     try_again:
+	  used_len = snprintf(buff, buff_len, "Package %s (%s) is installed on %s and has the following files:\n",
+			      pkg->name, pkg_version, pkg->dest->name) + 1;
+	  if (used_len > buff_len) {
+	       buff_len *= 2;
+	       buff = realloc (buff, buff_len);
+	       goto try_again;
+	  }
 	  for (iter = installed_files->head; iter; iter = iter->next) {
+	       used_len += strlen (iter->data) + 1;
+	       while (buff_len <= used_len) {
+		    buff_len *= 2;
+		    buff = realloc (buff, buff_len);
+	       }
 	       strncat(buff, iter->data, buff_len);
 	       strncat(buff, "\n", buff_len);
 	  }