Created
March 15, 2016 08:41
-
-
Save yantarou/ecf0931d13203fb8bbde to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff -ruNp cpio-2.11-orig/gnu/stdio.in.h cpio-2.11/gnu/stdio.in.h | |
--- cpio-2.11-orig/gnu/stdio.in.h 2010-03-10 04:27:03.000000000 -0500 | |
+++ cpio-2.11/gnu/stdio.in.h 2016-03-15 04:36:10.425702330 -0400 | |
@@ -139,7 +139,9 @@ _GL_WARN_ON_USE (fflush, "fflush is not | |
so any use of gets warrants an unconditional warning. Assume it is | |
always declared, since it is required by C89. */ | |
#undef gets | |
+#if HAVE_RAW_DECL_GETS | |
_GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead"); | |
+#endif | |
#if @GNULIB_FOPEN@ | |
# if @REPLACE_FOPEN@ | |
diff -ruNp cpio-2.11-orig/src/copyin.c cpio-2.11/src/copyin.c | |
--- cpio-2.11-orig/src/copyin.c 2010-02-15 05:02:23.000000000 -0500 | |
+++ cpio-2.11/src/copyin.c 2016-03-15 04:36:16.673387060 -0400 | |
@@ -1005,7 +1005,7 @@ read_in_header (struct cpio_file_stat *f | |
file_hdr->c_tar_linkname = NULL; | |
- tape_buffered_read (magic.str, in_des, 6L); | |
+ tape_buffered_read (magic.str, in_des, sizeof (magic.str)); | |
while (1) | |
{ | |
if (append_flag) | |
@@ -1050,8 +1050,8 @@ read_in_header (struct cpio_file_stat *f | |
break; | |
} | |
bytes_skipped++; | |
- memmove (magic.str, magic.str + 1, 5); | |
- tape_buffered_read (magic.str, in_des, 1L); | |
+ memmove (magic.str, magic.str + 1, sizeof (magic.str) - 1); | |
+ tape_buffered_read (magic.str + sizeof (magic.str) - 1, in_des, 1L); | |
} | |
} | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment