Hi Rein,

during the tests with the new GCC-4.4.1 and GLIBC-2.10 we found two buffer overflows in string handling. Please see the attached diff for the fix.
The first fix not only fixes the buffer overflow but also corrects the wrong handling of the month variable for muf predictions.

73, de Tom DL1JBE
-----------------------------------------------------------------------
--- src/clear_display.c.orig 2007-12-18 16:08:05.000000000 +0100 +++ src/clear_display.c 2009-10-06 07:25:30.000000000 +0200 @@ -100,10 +100,7 @@ else strftime(time_buf, 60, "DIG %d-%b-%y %H:%M ", time_ptr); -strncat (month, time_buf + 2, 2); /* month for muf calc */ -m = atoi ( month); -if (m == 0) - m++; + m = time_ptr->tm_mon; /* month for muf calc */ mvprintw(12, 3,time_buf); --- src/displayit.c.orig 2009-10-06 16:27:22.000000000 +0200 +++ src/displayit.c 2009-10-06 16:45:31.000000000 +0200
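Review bot: in the clear_display.c hunk, `m = time_ptr->tm_mon;` changes the range of `m`: struct tm's tm_mon counts months from 0 (January is 0, December is 11), whereas the removed `atoi(month)` path produced 1..12 and the `if (m == 0) m++;` fallback guaranteed `m` was never 0. Unless the MUF code that consumes `m` already expects a 0-based month, every prediction is now shifted by one month; `m = time_ptr->tm_mon + 1;` keeps the old convention, and whichever is intended, the `/* month for muf calc */` comment should say which range it delivers. A secondary point on the unchanged context line `mvprintw(12, 3,time_buf);`: the buffer is passed as the format argument; `mvprintw(12, 3, "%s", time_buf);` is the safe form and also keeps -Wformat-security quiet.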
@@ -39,7 +39,7 @@ strncat(term2buf, termbuf, strlen(termbuf) - 1 ); strncat(term2buf, backgrnd_str, 81 - strlen(termbuf)); /* fill with blanks */ - strcat(term2buf, "\n"); + term2buf[80] = '\0'; strcpy(terminal1, terminal2); strcpy(terminal2, terminal3); strcpy(terminal3, terminal4);
-----------------------------------------------------------------------

On Mon, Oct 05, 2009 at 06:52:02PM +0200, Thomas Beierlein wrote:
> Hi Rein,
>
> On Mon, Oct 05, 2009 at 03:02:18PM +0200, Rein Couperus wrote:
> > I will include the patch and release it this week.
> >
> just wait a little bit with a new release. We just checked with the new
> gcc 4.4.1 and glibc 2.10. There are more problems to fix.
>
> I will look for it and keep you informed.
>
> 73, de Tom DL1JBE.
>
> > > -----Original Message-----
> > > From: "Thomas Beierlein" <t...@forth-ev.de>
> > > Sent: 05.10.09 15:00:50
> > > To: tlf-devel@nongnu.org
> > > Subject: [Tlf-devel] tlf segfault
> > >
> > > Hi,
> > >
> > > Tlf segfaults immediately after start on some machines here if started
> > > with 'tlf -n' and if SPOTLIST is activated in logcfg.dat (as installed by
> > > default as example).
> > >
> > > Found the reason in cluster_bg.c where in case of an empty spotlist tlf
> > > uses some negative indexes for array access (around lines 460..490). Bummer!
> > >
> > > The following diff fixes the problem. I hope Rein can integrate the patch
> > > soon and release a fixed version.
> > >
> > > 73, de Tom DL1JBE
> > >
> > > Patch follows here:
> > >
> > > --- src/cluster_bg.c.orig 2009-10-03 09:14:28.000000000 +0200
> > > +++ src/cluster_bg.c 2009-10-02 08:25:40.000000000 +0200
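Review bot: in the displayit.c hunk, `term2buf[80] = '\0';` only caps the finished line; the two strncat calls above it still derive their length arguments from strlen(termbuf) in unsigned arithmetic, so an empty termbuf turns `strlen(termbuf) - 1` into SIZE_MAX and a termbuf longer than 81 bytes turns `81 - strlen(termbuf)` into a huge count, and in either case strncat can run past the buffer before the terminator is written. Clamping once up front, e.g. `size_t n = strlen(termbuf); if (n < 1) n = 1; if (n > 81) n = 81;` and using `n` in both calls, closes that path (with n in 1..81 the two copies total exactly 80 characters, so the terminator at index 80 then always holds). Dropping `strcat(term2buf, "\n")` also removes the trailing newline from every scrolled line, which the patch description ("buffer overflows in string handling") does not mention; a sentence saying the newline is unnecessary or now added elsewhere would help whoever reads the history. The strcpy chain that follows still assumes each terminalN buffer is at least 81 bytes.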
> > > @@ -463,7 +463,10 @@ > > > for (j=15; j < 23; j++) > > > mvprintw(j,4, " "); > > > > > > -if (cluster == SPOTS) linepos = i - 8; > > > +if (cluster == SPOTS){ > > > + linepos = i - 8; > > > + if (linepos < 0) linepos = 0; > > > +} > > > else linepos = 0; > > > > > >
> > > --
> > > "Do what is needful!"
> > > Ursula LeGuin: Earthsea
> > > --
> > >
> > > _______________________________________________
> > > Tlf-devel mailing list
> > > Tlf-devel@nongnu.org
> > > http://lists.nongnu.org/mailman/listinfo/tlf-devel
> >
> > --
> > http://pa0r.blogspirit.com
> > --
> --
> "Do what is needful!"
> Ursula LeGuin: Earthsea
> --
--
"Do what is needful!"
Ursula LeGuin: Earthsea
--
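Review bot: the clamp in the quoted cluster_bg.c hunk stops linepos from going negative, but the constant 8 is unexplained and now appears in the new block as well, while the `for (j=15; j < 23; j++)` loop just above clears exactly that many rows (23 - 15 = 8); a named constant, or a one-line comment tying `i - 8` to the 8-row spot window, would keep the two from drifting apart. The clamp also guards only the low side: since the report says the crash came from out-of-range array indexing when the spotlist is empty, it is worth confirming here that linepos also stays below the array bound for a full list.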