Package: xsoldier / 1:1.8-4
Patch seriesview the series file
|bad sprintf.diff | (download)||
2 1 + 1 - 0 !
fixes insecure sprintf() This patch replaces sprintf(to, from) with strcpy(to, from). Using sprintf() in this way is dangerous because the string "from" may include conversion specifications such as "%s".
|array size calculation.diff | (download)||
fixes possibly wrong array size calculation with sizeof() This patch replaces sizeof(array) with sizeof(array)/sizeof(array) when the program calculates the size of the array. Although all arrays handled in this way are arrays of char, there may be an architecture where sizeof(char) is not 1.