Mon Jan 23 14:29:26 2006 Michael Jennings (mej)

0.7 final release. Includes fix for CVE-2006-0224 buffer overflow discovered by Rosiello Security. Details can be found at http://www.rosiello.org/en/read_bugs.php?id=25 ---------------------------------------------------------------------- SVN revision: 20001
author: Michael Jennings <mej@kainx.org> 2006-01-23 19:31:54 +0000
committer: Michael Jennings <mej@kainx.org> 2006-01-23 19:31:54 +0000
commit: cfbaa60097d20666121258b1213633e56bc9de34 (patch)
tree: fab87b882e604b89f16b8a8720c4a253495917f4
parent: b6c9952112a0e165311d88d8417a59b28dac7da2 (diff)
download: libast-cfbaa60097d20666121258b1213633e56bc9de34.tar.gz
7 files changed, 22 insertions, 10 deletions
diff --git a/ChangeLog b/ChangeLog
index 384c8ed..1f0e7a3 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -758,3 +758,9 @@ Thu Dec 22 18:29:54 2005                        Michael Jennings (mej)
 
 Fixed auto-detection of Imlib2.  :-(
 ----------------------------------------------------------------------
+Mon Jan 23 14:29:26 2006                        Michael Jennings (mej)
+
+0.7 final release.  Includes fix for CVE-2006-0224 buffer overflow
+discovered by Rosiello Security.  Details can be found at
+http://www.rosiello.org/en/read_bugs.php?id=25
+----------------------------------------------------------------------
diff --git a/configure.in b/configure.in
index f313952..586a254 100644
--- a/configure.in
+++ b/configure.in
@@ -71,7 +71,7 @@ AC_ARG_WITH(pedantry,
     [  --with-pedantry         add -Werror -std=c99 -pedantic to CFLAGS],
     [
         if test "$withval" != "no"; then
-            CFLAGS="$CFLAGS -Wall -Werror -std=c99 -pedantic"
+            CFLAGS="$CFLAGS -Wall -Werror -std=c99"
             AC_DEFINE(STRICT_ISO_C99, 1, [Defined if strict ISO C99 (9899:1999) is requested or required.])
         fi
     ]
diff --git a/include/libast.h b/include/libast.h
index 158a533..5c767c5 100644
--- a/include/libast.h
+++ b/include/libast.h
@@ -81,7 +81,8 @@
 #endif
 
 #ifdef __GNUC__
-#  if __GNUC__ >= 4 && !defined(STRICT_ISO_C99)
+#  if __GNUC__ >= 4
+#    undef  STRICT_ISO_C99
 #    define STRICT_ISO_C99 1
 #  endif
 #else
diff --git a/libast.spec b/libast.spec
index f66501a..10b6ac8 100644
--- a/libast.spec
+++ b/libast.spec
@@ -6,8 +6,8 @@
 Summary: Library of Assorted Spiffy Things
 Name: libast
 Version: 0.7
-#Release: 1
-Release: 0.%(date '+%Y%m%d')
+Release: 1
+#Release: 0.%(date '+%Y%m%d')
 Group: System Environment/Libraries
 License: BSD
 URL: http://www.eterm.org/
diff --git a/src/conf.c b/src/conf.c
index b86ba7b..aff7392 100644
--- a/src/conf.c
+++ b/src/conf.c
@@ -721,14 +721,12 @@ spifconf_shell_expand(spif_charptr_t s)
 
 /* The config file reader.  This looks for the config file by searching CONFIG_SEARCH_PATH.
    If it can't find a config file, it displays a warning but continues. -- mej */
-
 spif_charptr_t 
 spifconf_find_file(const spif_charptr_t file, const spif_charptr_t dir, const spif_charptr_t pathlist)
 {
     static spif_char_t name[PATH_MAX], full_path[PATH_MAX];
     spif_charptr_t path, p;
-    short maxpathlen;
-    unsigned short len;
+    spif_int32_t len, maxpathlen;
     struct stat fst;
 
     REQUIRE_RVAL(file != NULL, NULL);
@@ -737,6 +735,13 @@ spifconf_find_file(const spif_charptr_t file, const spif_charptr_t dir, const sp
     D_CONF(("spifconf_find_file(\"%s\", \"%s\", \"%s\") called from directory \"%s\".\n",
             file, NONULL(dir), NONULL(pathlist), name));
 
+    /* Make sure our supplied settings don't overflow. */
+    len = strlen(SPIF_CAST_C(char *) file) + ((dir) ? (strlen(SPIF_CAST_C(char *) dir)) : (0)) + 2;
+    if ((len > SPIF_CAST(int32) sizeof(name)) || (len <= 0)) {
+        D_CONF(("Too big.  I lose. :(\n"));
+        return ((spif_charptr_t) NULL);
+    }
+
     if (dir) {
         strcpy(SPIF_CAST_C(char *) name, SPIF_CAST_C(char *) dir);
         strcat(SPIF_CAST_C(char *) name, "/");
@@ -756,7 +761,7 @@ spifconf_find_file(const spif_charptr_t file, const spif_charptr_t dir, const sp
     /* maxpathlen is the longest possible path we can stuff into name[].  The - 2 saves room for
        an additional / and the trailing null. */
     if ((maxpathlen = sizeof(name) - len - 2) <= 0) {
-        D_CONF(("Too big.  I lose. :(\n", name));
+        D_CONF(("Too big.  I lose. :(\n"));
         return ((spif_charptr_t) NULL);
     }
 
diff --git a/src/mbuff.c b/src/mbuff.c
index 39900f2..cc8e95c 100644
--- a/src/mbuff.c
+++ b/src/mbuff.c
@@ -495,7 +495,7 @@ spif_mbuff_reverse(spif_mbuff_t self)
     REQUIRE_RVAL(self->buff != SPIF_NULL_TYPE(byteptr), FALSE);
 
     for (j = 0, i = self->len - 1; i > j; i--, j++) {
-        (void) BINSWAP(tmp[j], tmp[i]);
+        SWAP(tmp[j], tmp[i]);
     }
     return TRUE;
 }
diff --git a/src/obj.c b/src/obj.c
index cabea4e..d1508a1 100644
--- a/src/obj.c
+++ b/src/obj.c
@@ -390,7 +390,7 @@ spif_bool_t
 spif_obj_set_class(spif_obj_t self, spif_class_t cls)
 {
     ASSERT_RVAL(!SPIF_OBJ_ISNULL(self), FALSE);
-    SPIF_OBJ(self)->cls = cls;
+    self->cls = cls;
     return TRUE;
 }
author	Michael Jennings <mej@kainx.org>	2006-01-23 19:31:54 +0000
committer	Michael Jennings <mej@kainx.org>	2006-01-23 19:31:54 +0000
commit	cfbaa60097d20666121258b1213633e56bc9de34 (patch)
tree	fab87b882e604b89f16b8a8720c4a253495917f4
parent	b6c9952112a0e165311d88d8417a59b28dac7da2 (diff)
download	libast-cfbaa60097d20666121258b1213633e56bc9de34.tar.gz