pkg/40374: pkgsrc/net/nbtscan buffer overflow, wrong homepage

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/40374: pkgsrc/net/nbtscan buffer overflow, wrong homepage
From: sd4dfg2%hotmail.com@localhost
Date: Mon, 12 Jan 2009 14:05:00 +0000 (UTC)

>Number:         40374
>Category:       pkg
>Synopsis:       pkgsrc/net/nbtscan buffer overflow, wrong homepage
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Mon Jan 12 14:05:00 +0000 2009
>Originator:     Rob Quinn
>Release:        Solaris2.10, pkgsrc-current
>Organization:
>Environment:
>Description:
New homepage for this software is http://www.inetcat.net/software/nbtscan.html. 
 The old homepage leads to a cybersquatter.


net/nbtscan gets the buffer size wrong when null terminating a string in 
v_print_hostinfo.

int v_print_hostinfo(struct in_addr addr, const struct nb_host_info* hostinfo, 
char* sf, int hr) {
[...]
  char name[16];
[...]
      strncpy(name, hostinfo->names[i].ascii_name, 15);
      name[16]=0;
[...]
      if(sf) {
        printf("%s%s%s%s", inet_ntoa(addr), sf, name, sf);
[...]
      } else {
        printf("%-17s",  name);

>How-To-Repeat:

>Fix:
Removed the 15's and replaced with sizeof.

Prev by Date: pkg/40373: p5-perlMagick not building without libwmf package first
Next by Date: pkg/40376: multimedia/avidemux fails on build
Previous by Thread: pkg/40373: p5-perlMagick not building without libwmf package first
Next by Thread: pkg/40376: multimedia/avidemux fails on build
Indexes:

Home | Main Index | Thread Index | Old Index