From 5cdb118820311bce809837164c571e5a5c2ca39b Mon Sep 17 00:00:00 2001
From: Wichert Akkerman
Date: Wed, 18 Oct 2000 23:04:24 +0000
Subject: [PATCH] fix a buffer overflow in cmdname handling Only abort if we fail to open an existing pidfile
---
 ChangeLog | 6 ++++++
 debian/changelog | 4 ++++
 utils/start-stop-daemon.c | 14 ++++++++------
 3 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/ChangeLog b/ChangeLog
index 0cfc6f6a..ba2c0591 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+Thu Oct 19 00:59:40 CEST 2000 Wichert Akkerman
+
+ * utils/start-stop-daemon.c
+ + fix a buffer overflow in cmdname handling
+ + Only abort if we fail to open an existing pidfile
+
 Wed Oct 18 17:48:15 CEST 2000 Wichert Akkerman
 * scripts/dpkg-source.pl: patch from Colin Watson to not rename a
diff --git a/debian/changelog b/debian/changelog
index 5f18967b..444028e9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -32,6 +32,10 @@ dpkg (1.7.0) unstable; urgency=low
 * dpkg-scanpackages now uses the most recent version if multiple versions of a package are found.
 * don't rename a file to itself in dpkg-source. Closes: Bug#75060
+ * Fix buffer overflow in cmdname handling in start-stop-daemon.
+ Closes: Bug#75103
+ * Don't abort if start-stop-daemon tries to read a non-existing pidfile.
+ Closes: Bug#75105
 -- Wichert Akkerman UNRELEASED
diff --git a/utils/start-stop-daemon.c b/utils/start-stop-daemon.c
index 91eb6e1e..2b67b5ae 100644
--- a/utils/start-stop-daemon.c
+++ b/utils/start-stop-daemon.c
@@ -473,7 +473,9 @@ do_pidfile(const char *name)
 if (fscanf(f, "%d", &pid) == 1)
 check(pid);
 fclose(f);
- }
+ } else if (errno != ENOENT)
+ fatal("open pidfile %s: %s", name, strerror(errno));
+
 }
 /* WTA: this needs to be an autoconf check for /proc/pid existance.
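Review bot: The pid read in do_pidfile() by `fscanf(f, "%d", &pid)` is handed to check() without a range check, so a pidfile holding 0 or a negative number is accepted as a candidate pid; the new `else if` branch only tightens the open-failure path. What check() does with the value is outside the hunk, but if it ends up in the list later passed to kill(), a non-positive pid would address a process group or every process the caller may signal rather than one daemon. I would gate the call with `if (fscanf(f, "%d", &pid) == 1 && pid > 0)`. A pidfile that opens but does not parse is also skipped silently while an unreadable one is now fatal, which may deserve a warning. The body of do_pidfile() starts above the hunk.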
@@ -541,18 +543,18 @@ do_procinit(void)
 static int
 do_stop(void)
 {
- char what[1024];
+ char what[2048];
 struct pid_list *p;
 int retval = 0;
 if (cmdname)
- strcpy(what, cmdname);
+ snprintf(what, sizeof(what), "%s", cmdname);
 else if (execname)
- strcpy(what, execname);
+ snprintf(what, sizeof(what), "%s", execname);
 else if (pidfile)
- sprintf(what, "process in pidfile `%s'", pidfile);
+ snprintf(what, sizeof(what), "process in pidfile `%s'", pidfile);
 else if (userspec)
- sprintf(what, "process(es) owned by `%s'", userspec);
+ snprintf(what, sizeof(what), "process(es) owned by `%s'", userspec);
 else
 fatal("internal error, please report");
-- 
2.39.5
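Review bot: The snprintf() calls in do_stop() now truncate an over-long cmdname, execname, pidfile or userspec silently, and nothing in the hunk says that this is intended. If `what` is only used for diagnostics further down (the rest of do_stop() is outside the hunk), a comment above the declaration would record that, for example `/* what[] is only message text; over-long names are truncated by snprintf() */`. With every write bounded by `sizeof(what)`, the change from 1024 to 2048 is not needed for the overflow fix, and a named constant would read better than the bare number.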