Bug 117464
| Summary: | FIxes for overflows (potentially security issues) | ||||||
|---|---|---|---|---|---|---|---|
| Product: | [Fedora] Fedora | Reporter: | Alastair McKinstry <mckinstry> | ||||
| Component: | newt | Assignee: | Eido Inoue <havill> | ||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |||||
| Severity: | medium | Docs Contact: | |||||
| Priority: | medium | ||||||
| Version: | rawhide | Keywords: | Security | ||||
| Target Milestone: | --- | ||||||
| Target Release: | --- | ||||||
| Hardware: | All | ||||||
| OS: | Linux | ||||||
| Whiteboard: | |||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||
| Doc Text: | Story Points: | --- | |||||
| Clone Of: | Environment: | ||||||
| Last Closed: | 2004-04-07 19:37:37 UTC | Type: | --- | ||||
| Regression: | --- | Mount Type: | --- | ||||
| Documentation: | --- | CRM: | |||||
| Verified Versions: | Category: | --- | |||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||
| Embargoed: | |||||||
| Attachments: |
|
||||||
|
Description
Alastair McKinstry
2004-03-04 11:26:54 UTC
Created attachment 98277 [details]
Patch to fix overflows
- Cope with malloc failure in some places; use snprint
to avoid a segfault on malicious input (may be a security
weakness depending on where whiptail is used).
The attached patch had several bugs (a patch to a .rej file, as well as a typo were MAXFORMAT was indicated as MAXFOTMAT which prevented compiling). Also, the patch included changed some of the interfaces (void returns to int returns, changing of some int params to unsigned params) I've taken most of the patch in spirit, but I've made some alterations based on the comments above |