[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-102-g23e67
|
From: |
Alfred M. Szmidt |
|
Subject: |
[SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-102-g23e67af |
|
Date: |
Sat, 4 Apr 2020 17:12:55 -0400 (EDT) |
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "GNU Inetutils ".
The branch, master has been updated
via 23e67af2ff21b2676bdc7636144006abd88a1da2 (commit)
from 393f4c6c3e3761ceed843cb3990169a5ef2f89d1 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://git.savannah.gnu.org/cgit/inetutils.git/commit/?id=23e67af2ff21b2676bdc7636144006abd88a1da2
commit 23e67af2ff21b2676bdc7636144006abd88a1da2
Author: Alfred M. Szmidt <address@hidden>
Date: Sat Apr 4 23:10:05 2020 +0200
ChangeLog: Add missing entries.
diff --git a/ChangeLog b/ChangeLog
index 287f5ce..8183e16 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,161 @@
+2020-02-29 Tim Rühsen <address@hidden>
+
+ uucpd: Fix buffer overflows.
+
+ This fixes several missing string termination issues with strncpy.
+ Also REMOTEHOST with size NI_MAXHOST was strcpy'ed into LINE which
+ just had 32 bytes on the stack.
+
+ * src/uucpd.c (dologout): Increase LINE size. Use exisiting SCPYN
+ instead of strncpy.
+ (SCPYN): New macro.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ uucpd: Fix heap buffer overflow.
+
+ Usernames >= 56 bytes would overflow the char arrays Username and
+ Logname. This change mitigates this, but still silently truncates
+ these arrays. Silent truncation should be checked throughout the
+ code possibly within a more comprehensive code review.
+
+ * src/uucpd.c (Usernaem, Logname): Increase size to 72 bytes.
+ (doit): Use snprintf instead of sprintf.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ telnet: Use strdup instead malloc+strcpy.
+
+ * telnet/commands.c (tn): Use strdup instead malloc/strcpy.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ telnet: Fix -Wsign-compare in suboption.
+
+ * telnet/telnet.c (suboption): Explicit cast to int to silence
+ -Wsign-compare.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ telnetd: Silence -Wimplicit-fallthrough.
+
+ * telnetd/state.c (willoption): Squeelch warning.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ telnetd: Silence unused warning for getterminaltype.
+
+ * telnetd/utility.c (getterminaltype): Squeelch warning.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Silence -Wimplicit-fallthrough warning.
+
+ * ftp/domacro.c (domacro): Squeelch warning.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Silence -Wimplicit-fallthrough.
+
+ * ftp/cmds.c (domap): Squeelch warning.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Fix multipliers for M(ega) and G(iga).
+
+ This is *not* a fix as the comment accidentally states. It is to
+ silence -Wimplicit-fallthrough and to avoid multiple
+ multiplications in case of a non-optimized build. The HASHBYTES
+ type needs to be reviewed later as g/G only allows digits 1 and 2
+ without integer overflow, which is undefined behavior.
+
+ * ftp/cmds.c (sethash): Remove cascaded multiplications.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Fix return value of remglob.
+
+ * ftp/cmds.c (remglob): Turn around NULL check.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Fix possible buffer overflow.
+
+ * ftp/ftp.c (hookup): Terminate string after strncpy.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ftp: Fix 2x misuse of strncpy (read buffer overflow).
+
+ * ftp/ftp.c (pswitch): Correctly set the terminating NUL.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ talk: Fix uninitialized variable NREADY.
+
+ * talk/ctl_transact.c (ctl_transact): Initialize NREADY to 0.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ whois: Silence -Wimplicit-fallthrough.
+
+ * whois/whois.c (main): Squeelch warnings.
+
+2020-02-29 Tim Rühsen <address@hidden>
+
+ ping, ping6: Silence -Wimplicit-fallthrough.
+
+ * ping/ping.c (parse_opt): Squeelch warnings.
+ * ping/ping6.c (parse_opt): Likewise.
+
+2020-02-17 Tim Rühsen <address@hidden>
+
+ ping6: Fix memleak in ping_set_dest.
+
+ * ping/ping6.c (ping_set_dest): Rerrange code to avoid memory
+ leak.
+ * ping/ping6.h (ping_set_dest): Change type; update callees.
+
+2020-02-17 Tim Rühsen <address@hidden>
+
+ ping: Fix memleak in ping_set_dest.
+
+ * ping/libping.c (ping_set_dest): Rerrange code to avoid memory
+ leak.
+ * ping/ping.h (ping_set_dest): Change type; update callees.
+
+2020-02-16 Tim Rühsen <address@hidden>
+
+ libls: Remove unused variable kflag.
+
+ * libls/ls.c (ls_main): Remove unused variable.
+
+2020-02-16 Tim Rühsen <address@hidden>
+
+ ftpd: Fix multiple definition (GCC 10).
+
+ * ftpd/extern.h (errcatch): Declare as extern.
+ * ftpd/ftpd.c (errcatch): Define variable.
+
+2020-02-16 Tim Rühsen <address@hidden>
+
+ telnetd: Fix multiple definition (GCC 10).
+
+ * telnetd/utility.c (not42): Declare as extern.
+
+2020-02-16 Tim Rühsen <address@hidden>
+
+ * src/rcp.c (tolocal): Remove unused variable LEN.
+
+2020-02-16 Tim Rühsen <address@hidden>
+
+ telnet: Fix silent truncation (off-by-one check)
+
+ If the DISPLAY variable had exactly 44 bytes, the SE byte (end sub
+ negotiation) was silently truncated.
+
+ * telnet/telnet.c (suboption): Use >= instead of >.
+
2020-02-21 Mats Erik Andersson <address@hidden>
Various compiler warnings, getting closer to `-Werror'.
-----------------------------------------------------------------------
Summary of changes:
ChangeLog | 158 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 158 insertions(+)
hooks/post-receive
--
GNU Inetutils
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- [SCM] GNU Inetutils branch, master, updated. inetutils-1_9_4-102-g23e67af,
Alfred M. Szmidt <=