Home Verkennen Help
Inloggen
erkanisik
/
main
spiegel van https://github.com/pisilinux/main.git
Volgen 1
Ster 0
Vork 0
Bestanden Kwesties 0 Wiki
Boom: 3357b8f7d6
Aftakkingen Labels
main
/
hardware
/
optical
/
cdrkit
/
files
/
cdrkit-1.1.9-buffer_overflow.patch

cdrkit-1.1.9-buffer_overflow.patch 2.2 KB
Geschiedenis Ruwe

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667 
  1. diff -ru origin-1.1.9/wodim/scsi_cdr.c master-1.1.9/wodim/scsi_cdr.c
    2. 

  2. --- origin-1.1.9/wodim/scsi_cdr.c	2008-02-25 12:14:07.000000000 +0100
    3. 

  3. +++ master-1.1.9/wodim/scsi_cdr.c	2009-07-16 12:01:29.000000000 +0200
    4. 

  4. @@ -2181,26 +2181,30 @@
    5. 

  5.  		if (inq->add_len == 0) {
    6. 

  6.  			if (usalp->dev == DEV_UNKNOWN && got_inquiry) {
    7. 

  7.  				usalp->dev = DEV_ACB5500;
    8. 

  8. -				strcpy(inq->vendor_info,
    9. 

  9. -					"ADAPTEC ACB-5500        FAKE");
    10. 

  10. +				strncpy(inq->vendor_info, "ADAPTEC ", 8);
    11. 

  11. +				strncpy(inq->prod_ident,"ACB-5500        ", 16);
    12. 

  12. +				strncpy(inq->prod_revision, "FAKE", 4);
    13. 

  13.  
    14. 

  14.  			} else switch (usalp->dev) {
    15. 

  15. -
    16. 

  16.  				case DEV_ACB40X0:
    17. 

  17. -					strcpy(inq->vendor_info,
    18. 

  18. -							"ADAPTEC ACB-40X0        FAKE");
    19. 

  19. +					strncpy(inq->vendor_info, "ADAPTEC ", 8);
    20. 

  20. +					strncpy(inq->prod_ident, "ACB-40X0        ",16);
    21. 

  21. +					strncpy(inq->prod_revision, "FAKE", 4);
    22. 

  22.  					break;
    23. 

  23.  				case DEV_ACB4000:
    24. 

  24. -					strcpy(inq->vendor_info,
    25. 

  25. -							"ADAPTEC ACB-4000        FAKE");
    26. 

  26. +					strncpy(inq->vendor_info, "ADAPTEC ",8);
    27. 

  27. +					strncpy(inq->prod_ident, "ACB-4000        ",16);
    28. 

  28. +					strncpy(inq->prod_revision, "FAKE",4);
    29. 

  29.  					break;
    30. 

  30.  				case DEV_ACB4010:
    31. 

  31. -					strcpy(inq->vendor_info,
    32. 

  32. -							"ADAPTEC ACB-4010        FAKE");
    33. 

  33. +					strncpy(inq->vendor_info, "ADAPTEC ",8);
    34. 

  34. +					strncpy(inq->prod_ident, "ACB-4010        ",16);
    35. 

  35. +					strncpy(inq->prod_revision, "FAKE",4);
    36. 

  36.  					break;
    37. 

  37.  				case DEV_ACB4070:
    38. 

  38. -					strcpy(inq->vendor_info,
    39. 

  39. -							"ADAPTEC ACB-4070        FAKE");
    40. 

  40. +					strncpy(inq->vendor_info,"ADAPTEC ",8);
    41. 

  41. +					strncpy(inq->prod_ident, "ACB-4070        ", 16);
    42. 

  42. +					strncpy(inq->prod_revision, "FAKE",4 );
    43. 

  43.  					break;
    44. 

  44.  			}
    45. 

  45.  		} else if (inq->add_len < 31) {
    46. 

  46. @@ -2230,14 +2234,16 @@
    47. 

  47.  
    48. 

  48.  	case INQ_SEQD:
    49. 

  49.  		if (usalp->dev == DEV_SC4000) {
    50. 

  50. -			strcpy(inq->vendor_info,
    51. 

  51. -				"SYSGEN  SC4000          FAKE");
    52. 

  52. +			strncpy(inq->vendor_info,"SYSGEN  ",8);
    53. 

  53. +			strncpy(inq->prod_ident, "SC4000          ",16);
    54. 

  54. +			strncpy(inq->prod_revision, "FAKE",4);
    55. 

  55.  		} else if (inq->add_len == 0 &&
    56. 

  56.  					inq->removable &&
    57. 

  57.  						inq->ansi_version == 1) {
    58. 

  58.  			usalp->dev = DEV_MT02;
    59. 

  59. -			strcpy(inq->vendor_info,
    60. 

  60. -				"EMULEX  MT02            FAKE");
    61. 

  61. +			strncpy(inq->vendor_info,"EMULEX  ",8);
    62. 

  62. +			strncpy(inq->prod_ident, "MT02            ",16);
    63. 

  63. +			strncpy(inq->prod_revision, "FAKE",4);
    64. 

  64.  		}
    65. 

  65.  		break;
    66. 

  66.  
    67. 

  67.