File: buffer-overflow

gemdropx 0.9-9
  • area: main
  • in suites: bookworm
  • size: 2,100 kB
  • sloc: ansic: 1,772; cpp: 198; makefile: 73
Description: check bounds of HOME environment variable
 After performing a minimal source code audit I noticed that
 gemdropx contains a lack of bounds checking on its use of the
 HOME environmental variable.
 .
 As the game isn't setuid/setgid it's not a security issue, but
 it's probably something that should be fixed regardless.
Author: Steve Kemp <steve@steve.org.uk>
Bug-Debian: http://bugs.debian.org/203244
Reviewed-By: Christian T. Steigies <cts@debian.org>
Last-Update: 2003-07-28

--- gemdropx-0.9.orig/gemdropx.c
+++ gemdropx-0.9/gemdropx.c
@@ -2655,7 +2655,11 @@ int main(int argc, char * argv[])
   
   /* Get max level: */
   
-  sprintf(datafile, "%s/.gemdropx", getenv("HOME"));
+  if ( getenv("HOME" ) != NULL )
+    {
+      memset(datafile, '\0', sizeof(datafile));
+      snprintf(datafile,sizeof(datafile)-1, "%s/.gemdropx", getenv("HOME"));
+    }
   
   fi = fopen(datafile, "r");
   if (fi != NULL)
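
Review bot: The new `if ( getenv("HOME" ) != NULL )` block has no else branch, so when HOME is unset the `fopen(datafile, "r")` that follows still runs on whatever `datafile` holds at that point, and nothing in this hunk shows it being initialised beforehand. Suggest either skipping the load when HOME is NULL or falling back to a fixed path. Separately, the return value of `snprintf` is ignored, so an over-long HOME yields a silently truncated path that is then opened; comparing the return value against `sizeof(datafile)` and skipping the open on truncation would avoid reading an unintended file. The `memset` and the `-1` on the size are redundant, since `snprintf` always NUL-terminates within the size it is given, and `getenv("HOME")` could be read once into a local instead of being called twice.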