[-]
[+]
|
Deleted |
0005-Fix-segfault-with-csv-output-when-filename-contains-.patch
|
@@ -1,24 +0,0 @@
-From: Dmitry Bogatov <KAction@gnu.org>
-Date: Sat, 4 Mar 2017 21:13:38 +0300
-Subject: [PATCH] Fix segfault with csv output when filename contains comma
-
-Double `csv_escape()'ing filename is logic error, but root of the
-problem was that passing `csv' buffer back into `csv_escape()' caused
-endless loop over `static char csv[MAXLEN]', and buffer overflow.
----
- src/inotifywait.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/inotifywait.c b/src/inotifywait.c
-index 98aadd4..6e17007 100644
---- a/src/inotifywait.c
-+++ b/src/inotifywait.c
-@@ -119,7 +119,7 @@ void validate_format( char * fmt ) {
- void output_event_csv( struct inotify_event * event ) {
- char *filename = csv_escape(inotifytools_filename_from_wd(event->wd));
- if (filename != NULL)
-- printf("%s,", csv_escape(filename));
-+ printf("%s,", filename);
-
- printf("%s,", csv_escape( inotifytools_event_to_str( event->mask ) ) );
- if ( event->len > 0 )
|
[-]
[+]
|
Deleted |
0006-Fix-buffer-overrun-in-inotifytools.c.patch
^
|
@@ -1,33 +0,0 @@
-From: Dmitry Bogatov <KAction@debian.org>
-Date: Tue, 6 Aug 2019 16:36:24 +0000
-Subject: Fix buffer overrun in inotifytools.c
-
-The following code
-
- char *names[2+sizeof(int)/sizeof(char*)];
-
-was supposed to allocate enough space on stack to fit two `char *' and one
-`int'. Problem is that when sizeof(int) < sizeof(char *), which is likely on
-64-bit systems, it caused expression `sizeof(int)/sizeof(char*)' evaluate to 0,
-resulting in buffer overrun.
-
-Detected by GCC-9 new diagnostics.
-
-Closes: #925717
----
- libinotifytools/src/inotifytools.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/libinotifytools/src/inotifytools.c b/libinotifytools/src/inotifytools.c
-index b3feca3..ce4ccd5 100644
---- a/libinotifytools/src/inotifytools.c
-+++ b/libinotifytools/src/inotifytools.c
-@@ -859,7 +859,7 @@ void inotifytools_set_filename_by_filename( char const * oldname,
- void inotifytools_replace_filename( char const * oldname,
- char const * newname ) {
- if ( !oldname || !newname ) return;
-- char *names[2+sizeof(int)/sizeof(char*)];
-+ char *names[2+sizeof(int)/sizeof(char*) + 1];
- names[0] = (char*)oldname;
- names[1] = (char*)newname;
- *((int*)&names[2]) = strlen(oldname);
|
|
Deleted |
inotify-tools-3.14.tar.gz
^
|