Package: rrootage
Version: 0.23a-8
Severity: normal

Hi,

While scanning some packages I found the following piece of code which leads 
to a buffer overflow when an overly long HOME env var is used.

Affected code (src/attractmanager.c twice):
>   char *tmpname;
>   char name[128];
>
>   tmpname = getenv("HOME");
>   strcpy(name, tmpname);

Cheers,
-- 
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
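
A bounded replacement for the quoted `strcpy` pattern, as an added example that is not part of the original report and is not rrootage's code. The helper names `join_home` and `home_path` and the file name `example.prf` are hypothetical; the 128-byte size matches the `name` buffer quoted above.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define NAME_LEN 128  /* same size as name[] in the reported code */

/* Hypothetical helper: writes "<home>/<file>" into out.
 * Returns 0 on success, -1 if home is NULL or empty, or if the result
 * (including the terminating NUL) does not fit in outlen bytes. */
int join_home(char *out, size_t outlen, const char *home, const char *file)
{
    int n;

    if (out == NULL || outlen == 0)
        return -1;
    out[0] = '\0';
    /* getenv() returns NULL when the variable is unset; the reported
     * code would pass that NULL straight to strcpy(). */
    if (home == NULL || home[0] == '\0' || file == NULL)
        return -1;

    /* snprintf() writes at most outlen bytes and returns the length it
     * needed, so truncation can be detected instead of overflowing. */
    n = snprintf(out, outlen, "%s/%s", home, file);
    if (n < 0 || (size_t)n >= outlen) {
        out[0] = '\0';  /* never hand back a silently truncated path */
        return -1;
    }
    return 0;
}

/* Wrapper that reads the attacker-influenced HOME variable. */
int home_path(char *out, size_t outlen, const char *file)
{
    return join_home(out, outlen, getenv("HOME"), file);
}

int main(void)
{
    char name[NAME_LEN];

    if (home_path(name, sizeof name, "example.prf") != 0) {
        fprintf(stderr, "HOME unset or too long, not using it\n");
        return 1;
    }
    printf("%s\n", name);
    return 0;
}
```
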
