Merge branch 'bug26522' (fe8f7748) · Commits · Mike Perry / Tor

changes/bug26522

0 → 100644

+6 −0

Original line number	Diff line number	Diff line
		o Minor bugfixes (security):
		- Refrain from potentially insecure usage of strncat() in
		configure_backtrace_handler(). Use snprintf() instead.
		Fixes bug 26522; bugfix on
		a969ce464dc23db39725a891d60537f3d3e51b50 (not in any tor
		release).

+3 −6

Original line number	Diff line number	Diff line
		@@ -35,6 +35,7 @@
		#include <errno.h>
		#include <stdlib.h>
		#include <string.h>
		#include <stdio.h>

		#ifdef HAVE_CYGWIN_SIGNAL_H
		#include <cygwin/signal.h>
		@@ -264,16 +265,12 @@ dump_stack_symbols_to_error_fds(void)
		int
		configure_backtrace_handler(const char *tor_version)
		{
		char version[128];
		strncpy(version, "Tor", sizeof(version)-1);
		char version[128] = "Tor\0";

		if (tor_version) {
		strncat(version, " ", sizeof(version)-1);
		strncat(version, tor_version, sizeof(version)-1);
		snprintf(version, sizeof(version), "Tor %s", tor_version);
		}

		version[sizeof(version) - 1] = 0;

		return install_bt_handler(version);
		}