netbsd-bugs: pkg/13896: hpack package cleanup

Subject: pkg/13896: hpack package cleanup
To: SEND-PR <gnats-bugs@gnats.netbsd.org>
From: Don Yuniskis <auryn@gci-net.com>
List: netbsd-bugs
Date: 09/07/2001 12:46:15
>Number:         13896
>Category:       pkg
>Synopsis:       removal of gets(3) dependancies in hpack port
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Sep 07 14:04:00 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     Don Yuniskis
>Release:        NetBSD 1.5.1
>Organization:
        Don Yuniskis
>Environment:
System: NetBSD Some.Old.Machine 1.5.1 NetBSD 1.5.1 (GENERIC) #56: Mon Jul 2
15:54:23
CEST 2001 he@nsa.uninett.no:/usr/src/sys/arch/i386/compile/GENERIC i386


>Description:
        hpack package uses gets(3)
>How-To-Repeat:
        build it
>Fix:
        Use fgets(3) as per two patches included below

*** archive.c.old       Fri Sep  7 10:42:19 2001
--- archive.c   Fri Sep  7 10:30:37 2001
***************
*** 331,337 ****
        /* Nasty input routine - should check for illegal chars and
suchlike.
           Will also overflow if anyone enters more than 16K chars */
        hflush( stdout );
!       hgets( ( char * ) mrglBuffer );
        mrglBuffer[ MAX_PATH - 1 ] = '\0';
        strcpy( fileName, ( char * ) mrglBuffer );

--- 331,337 ----
        /* Nasty input routine - should check for illegal chars and
suchlike.
           Will also overflow if anyone enters more than 16K chars */
        hflush( stdout );
!       fgets( ( char * ) mrglBuffer, MAX_PATH, stdin );
        mrglBuffer[ MAX_PATH - 1 ] = '\0';
        strcpy( fileName, ( char * ) mrglBuffer );


*** keycvt/keycvt.c.old Fri Sep  7 08:33:25 2001
--- keycvt/keycvt.c     Fri Sep  7 08:37:47 2001
***************
*** 586,592 ****
        puts( "Warning: Password will be echoed to screen!" );
        printf( "Password: " );
        fflush( stdout );
!       gets( password );
        }

  void initCrypt( void )
--- 586,592 ----
        puts( "Warning: Password will be echoed to screen!" );
        printf( "Password: " );
        fflush( stdout );
!       fgets( password, sizeof(password), stdin );
        }

  void initCrypt( void )

:


>Release-Note:
>Audit-Trail:
>Unformatted:
 To: gnats-bugs@gnats.netbsd.org
 Subject: hpack cleanup
 From: root
 Reply-To: root
 X-send-pr-version: 3.95