diff options
| author | Eric Andersen <andersen@codepoet.org> | 2004-05-05 10:37:49 +0000 |
|---|---|---|
| committer | Eric Andersen <andersen@codepoet.org> | 2004-05-05 10:37:49 +0000 |
| commit | aaff79a8dd00f2a9652a4bce8fbfe77715804ac2 (patch) | |
| tree | 2a6a8e172ed56b1d5083626bf93028ac2678a8e9 | |
| parent | 6c8161d69fe9fce0f862b678aaa84866aaaeff8f (diff) | |
| download | busybox-aaff79a8dd00f2a9652a4bce8fbfe77715804ac2.tar.gz | |
Steve Grubb writes:
Hello,
I found and patched 2 more bugs. The first is a misplaced semi-colon. The second
one is a buffer overflow. I doubt the buffer overflow is triggered in real life.
But you never know what those wily hackers are up to.
Thanks,
Steve Grubb
| -rw-r--r-- | archival/tar.c | 4 | ||||
| -rw-r--r-- | coreutils/dos2unix.c | 2 |
2 files changed, 3 insertions, 3 deletions
diff --git a/archival/tar.c b/archival/tar.c index 9d50a101d..efdc46587 100644 --- a/archival/tar.c +++ b/archival/tar.c @@ -477,8 +477,8 @@ static inline int writeTarFile(const int tar_fd, const int verboseFlag, dup2(gzipDataPipe[0], 0); close(gzipDataPipe[1]); - if (tbInfo.tarFd != 1); - dup2(tbInfo.tarFd, 1); + if (tbInfo.tarFd != 1) + dup2(tbInfo.tarFd, 1); close(gzipStatusPipe[0]); fcntl(gzipStatusPipe[1], F_SETFD, FD_CLOEXEC); /* close on exec shows sucess */ diff --git a/coreutils/dos2unix.c b/coreutils/dos2unix.c index a21ed5bc3..c8cebcec7 100644 --- a/coreutils/dos2unix.c +++ b/coreutils/dos2unix.c @@ -64,7 +64,7 @@ static int convert(char *fn, int ConvType) c = strlen(tempFn); tempFn[c] = '.'; while(1) { - if (c >=BUFSIZ) + if (c >=BUFSIZ-2) bb_error_msg_and_die("unique name not found"); /* Get some semi random stuff to try and make a * random filename based (and in the same dir as) |