Diffusion FreeBSD ports repository 1c7e0fd32c4a

sysutils/screen*: Fix off-by-one buffer overflow
1c7e0fd32c4a
Actions

Tags

None

Referenced Files

None

Subscribers

None

Description

sysutils/screen*: Fix off-by-one buffer overflow

FreeBSD ncurses, as of c8b9c85ee5bb, does a strncpy() of 1024 bytes into
a 1023 byte buffer supplied by screen. This section of code in ncurses
was removed in 61f66a1f4403, and is not a problem since 14.0-RELEASE.
But it is still a problem in 13-STABLE.

Thank you to dim@ for detailed analysis and initial patch to
sysutils/screen. The same patch is also applied to sysutils/screen-devel
this commit.

PR: 280868
MFH: 2024Q3

Details

Provenance

cy	Authored on Aug 19 2024, 3:49 PM

Parents

R11:b53d4a4ceb19: net-im/purple-gowhatsapp: Upgrade 1.15.0 → 1.16.0

Branches

Unknown

Tags

Unknown

Event Timeline

cy committed R11:1c7e0fd32c4a: sysutils/screen*: Fix off-by-one buffer overflow (authored by cy).Aug 19 2024, 4:05 PM

cy mentioned this in R11:5c23182d5fc9: sysutils/screen*: Fix off-by-one buffer overflow.Aug 19 2024, 4:09 PM

Changes (4)

Path

Size

sysutils/

screen-devel/

files/

screen/

files/

R11:1c7e0fd32c4a

sysutils/screen-devel/Makefile

Loading...

sysutils/screen-devel/files/patch-os.h

Loading...

sysutils/screen/Makefile

Loading...

sysutils/screen/files/patch-os.h

Loading...