Red Hat Bugzilla – Bug 117464
FIxes for overflows (potentially security issues)
Last modified: 2007-11-30 17:10:37 EST
Description of problem: Fixes overflows. Version-Release number of selected component (if applicable): RH9, Fedora How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 98277 [details] Patch to fix overflows - Cope with malloc failure in some places; use snprint to avoid a segfault on malicious input (may be a security weakness depending on where whiptail is used).
The attached patch had several bugs (a patch to a .rej file, as well as a typo were MAXFORMAT was indicated as MAXFOTMAT which prevented compiling). Also, the patch included changed some of the interfaces (void returns to int returns, changing of some int params to unsigned params) I've taken most of the patch in spirit, but I've made some alterations based on the comments above