Diffstat (limited to 'devel/cscope/files/patch-CVE-2004-2541')
-rw-r--r-- | devel/cscope/files/patch-CVE-2004-2541 | 262 |
1 files changed, 262 insertions, 0 deletions
diff --git a/devel/cscope/files/patch-CVE-2004-2541 b/devel/cscope/files/patch-CVE-2004-2541
new file mode 100644
index 000000000000..76adf3001121
--- /dev/null
+++ b/devel/cscope/files/patch-CVE-2004-2541
@@ -0,0 +1,262 @@
+--- src/build.c
++++ src/build.c
+@@ -215,7 +215,7 @@
+ (void) strcpy(newdir, "$HOME");
+ }
+ else if (strncmp(currentdir, home, strlen(home)) == 0) {
+- (void) sprintf(newdir, "$HOME%s", currentdir + strlen(home));
++ (void) snprintf(newdir, sizeof(newdir), "$HOME%s", currentdir + strlen(home));
+ }
+ /* sort the source file names (needed for rebuilding) */
+ qsort(srcfiles, (unsigned) nsrcfiles, sizeof(char *), compare);
+@@ -443,7 +443,7 @@
+ }
+ (void) fstat(fileno(postings), &statstruct);
+ (void) fclose(postings);
+- (void) sprintf(sortcommand, "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
++ (void) snprintf(sortcommand, sizeof(sortcommand), "env LC_ALL=C sort -T %s %s", tmpdir, temp1);
+ if ((postings = mypopen(sortcommand, "r")) == NULL) {
+ (void) fprintf(stderr, "cscope: cannot open pipe to sort command\n");
+ cannotindex();
+--- src/command.c
++++ src/command.c
+@@ -718,7 +718,7 @@
+
+ /* make sure it can be changed */
+ if (access(newfile, WRITE) != 0) {
+- (void) sprintf(msg, "Cannot write to file %s", newfile);
++ (void) snprintf(msg, sizeof(msg), "Cannot write to file %s", newfile);
+ postmsg(msg);
+ anymarked = NO;
+ break;
+--- src/dir.c
++++ src/dir.c
+@@ -138,7 +138,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - dir_len,
+ srcdirs[i], dir);
+ addsrcdir(path);
+@@ -206,7 +206,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - dir_len,
+ srcdirs[i], dir);
+ addincdir(dir, path);
+@@ -474,8 +474,6 @@
+ DIR *dirfile;
+ int adir_len = strlen(adir);
+
+- /* FIXME: no guards against adir_len > PATHLEN, yet */
+-
+ if ((dirfile = opendir(adir)) != NULL) {
+ struct dirent *entry;
+ char path[PATHLEN + 1];
+@@ -486,7 +484,7 @@
+ && (strcmp("..",entry->d_name) != 0)) {
+ struct stat buf;
+
+- sprintf(path,"%s/%.*s", adir,
++ snprintf(path, sizeof(path), "%s/%.*s", adir,
+ PATHLEN - 2 - adir_len,
+ entry->d_name);
+
+@@ -603,14 +601,14 @@
+ for (i = 0; i < nincdirs; ++i) {
+
+ /* don't include the file from two directories */
+- (void) sprintf(name, "%.*s/%s",
++ (void) snprintf(name, sizeof(name), "%.*s/%s",
+ PATHLEN - 2 - file_len, incnames[i],
+ file);
+ if (infilelist(name) == YES) {
+ break;
+ }
+ /* make sure it exists and is readable */
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - file_len, incdirs[i],
+ file);
+ if (access(compath(path), READ) == 0) {
+@@ -654,7 +652,7 @@
+
+ /* compute its path from higher view path source dirs */
+ for (i = 1; i < nvpsrcdirs; ++i) {
+- (void) sprintf(path, "%.*s/%s",
++ (void) snprintf(path, sizeof(path), "%.*s/%s",
+ PATHLEN - 2 - file_len, srcdirs[i],
+ file);
+ if (access(compath(path), READ) == 0) {
+--- src/display.c
++++ src/display.c
+@@ -473,24 +473,24 @@
+ /* see if it is empty */
+ if ((c = getc(refsfound)) == EOF) {
+ if (findresult != NULL) {
+- (void) sprintf(lastmsg, "Egrep %s in this pattern: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Egrep %s in this pattern: %s",
+ findresult, pattern);
+ }
+ else if (rc == NOTSYMBOL) {
+- (void) sprintf(lastmsg, "This is not a C symbol: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "This is not a C symbol: %s",
+ pattern);
+ }
+ else if (rc == REGCMPERROR) {
+- (void) sprintf(lastmsg, "Error in this regcomp(3) regular expression: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Error in this regcomp(3) regular expression: %s",
+ pattern);
+
+ }
+ else if (funcexist == NO) {
+- (void) sprintf(lastmsg, "Function definition does not exist: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Function definition does not exist: %s",
+ pattern);
+ }
+ else {
+- (void) sprintf(lastmsg, "Could not find the %s: %s",
++ (void) snprintf(lastmsg, sizeof(lastmsg), "Could not find the %s: %s",
+ fields[field].text2, pattern);
+ }
+ return(NO);
+@@ -555,17 +555,17 @@
+ move(MSGLINE, 0);
+ clrtoeol();
+ addstr(what);
+- sprintf(msg, "%ld", current);
++ snprintf(msg, sizeof(msg), "%ld", current);
+ move(MSGLINE, (COLS / 2) - (strlen(msg) / 2));
+ addstr(msg);
+- sprintf(msg, "%ld", max);
++ snprintf(msg, sizeof(msg), "%ld", max);
+ move(MSGLINE, COLS - strlen(msg));
+ addstr(msg);
+ refresh();
+ }
+ else if (verbosemode == YES)
+ {
+- sprintf(msg, "> %s %ld of %ld", what, current, max);
++ snprintf(msg, sizeof(msg), "> %s %ld of %ld", what, current, max);
+ }
+
+ start = now;
+@@ -603,7 +603,7 @@
+ s = sys_errlist[errno];
+ }
+ #endif
+- (void) sprintf(msg, "%s: %s", text, s);
++ (void) snprintf(msg, sizeof(msg), "%s: %s", text, s);
+ postmsg(msg);
+ }
+
+--- src/edit.c
++++ src/edit.c
+@@ -105,9 +105,9 @@
+ char *s;
+
+ file = filepath(file);
+- (void) sprintf(msg, "%s +%s %s", mybasename(editor), linenum, file);
++ (void) snprintf(msg, sizeof(msg), "%s +%s %s", mybasename(editor), linenum, file);
+ postmsg(msg);
+- (void) sprintf(plusnum, lineflag, linenum);
++ (void) snprintf(plusnum, sizeof(plusnum), lineflag, linenum);
+ /* if this is the more or page commands */
+ if (strcmp(s = mybasename(editor), "more") == 0 || strcmp(s, "page") == 0) {
+
+@@ -132,7 +132,7 @@
+ static char path[PATHLEN + 1];
+
+ if (prependpath != NULL && *file != '/') {
+- (void) sprintf(path, "%s/%s", prependpath, file);
++ (void) snprintf(path, sizeof(path), "%s/%s", prependpath, file);
+ file = path;
+ }
+ return(file);
+--- src/exec.c
++++ src/exec.c
+@@ -124,7 +124,7 @@
+
+ /* execute the program or shell script */
+ (void) execvp(a, args); /* returns only on failure */
+- (void) sprintf(msg, "\nCannot exec %s", a);
++ (void) snprintf(msg, sizeof(msg), "\nCannot exec %s", a);
+ perror(msg); /* display the reason */
+ askforreturn(); /* wait until the user sees the message */
+ myexit(1); /* exit the child */
+--- src/find.c
++++ src/find.c
+@@ -666,7 +666,7 @@
+ /* must be an exact match */
+ /* note: regcomp doesn't recognize ^*keypad$ as a syntax error
+ unless it is given as a single arg */
+- (void) sprintf(buf, "^%s$", s);
++ (void) snprintf(buf, sizeof(buf), "^%s$", s);
+ if (regcomp (®exp, buf, REG_EXTENDED | REG_NOSUB) != 0) {
+ return(REGCMPERROR);
+ }
+--- src/main.c
++++ src/main.c
+@@ -352,12 +374,12 @@
+ * used instead of failing to open a non-existant database in
+ * the home directory
+ */
+- (void) sprintf(path, "%s/%s", home, reffile);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, reffile);
+ if (isuptodate == NO || access(path, READ) == 0) {
+ reffile = stralloc(path);
+- (void) sprintf(path, "%s/%s", home, invname);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, invname);
+ invname = stralloc(path);
+- (void) sprintf(path, "%s/%s", home, invpost);
++ (void) snprintf(path, sizeof(path), "%s/%s", home, invpost);
+ invpost = stralloc(path);
+ }
+ }
+@@ -692,7 +714,7 @@
+ #else
+ char *msg = mymalloc(50+strlen(file));
+
+- (void) sprintf(msg, "Removed file %s because write failed", file);
++ (void) snprintf(msg, sizeof(msg), "Removed file %s because write failed", file);
+ #endif
+
+ myperror(msg); /* display the reason */
+--- src/vpaccess.c
++++ src/vpaccess.c
+@@ -49,7 +49,7 @@
+ if ((returncode = access(path, amode)) == -1 && path[0] != '/') {
+ vpinit(NULL);
+ for (i = 1; i < vpndirs; i++) {
+- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
++ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
+ if ((returncode = access(buf, amode)) != -1) {
+ break;
+ }
+--- src/vpfopen.c
++++ src/vpfopen.c
+@@ -53,7 +53,7 @@
+ ) {
+ vpinit(NULL);
+ for (i = 1; i < vpndirs; i++) {
+- (void) sprintf(buf, "%s/%s", vpdirs[i], filename);
++ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], filename);
+ if ((returncode = myfopen(buf, type)) != NULL) {
+ break;
+ }
+--- src/vpopen.c
++++ src/vpopen.c
+@@ -52,7 +52,7 @@
+ oflag == OPENFLAG_READ) {
+ vpinit(NULL);
+ for (i = 1; i < vpndirs; i++) {
+- (void) sprintf(buf, "%s/%s", vpdirs[i], path);
++ (void) snprintf(buf, sizeof(buf), "%s/%s", vpdirs[i], path);
+ if ((returncode = myopen(buf, oflag, 0666)) != -1) {
+ break;
+ }
+ } |
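Review bot: In the src/main.c hunk at `@@ -692,7 +714,7 @@`, `msg` is declared `char *msg = mymalloc(50+strlen(file));`, so `sizeof(msg)` is the size of a pointer and the new call cuts the message down to a few bytes instead of bounding it by the allocation. The size argument there should be the allocated length, for example `(void) snprintf(msg, 50 + strlen(file), "Removed file %s because write failed", file);`. Only `path` in the src/dir.c hunk at `@@ -474,8 +474,6 @@` and the src/edit.c hunk at `@@ -132,7 +132,7 @@` is visibly declared as an array; every other destination is declared outside its hunk, so each `sizeof` should be confirmed to apply to an array and not to a pointer. The results are still cast to `(void)`, so a truncated `sortcommand` or path is handed on to `mypopen`, `access` or `myopen` as if it were complete; comparing the return value with the buffer size at those sites would let the caller fail instead of acting on a shortened string.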