From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <vsu@altlinux.ru>
X-Spam-Checker-Version: SpamAssassin 3.2.3 (2007-08-08) on sa.int.altlinux.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.3 required=5.0 tests=BAYES_00
	autolearn=unavailable version=3.2.3
Date: Tue, 22 Apr 2008 17:11:45 +0400
From: Sergey Vlasov <vsu@altlinux.ru>
To: devel@lists.altlinux.org
Message-ID: <20080422131145.GE25200@newmaster.mivlgu.local>
Mail-Followup-To: devel@lists.altlinux.org
References: <480DD7C0.10109@altlinux.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="bi5JUZtvcfApsciF"
Content-Disposition: inline
In-Reply-To: <480DD7C0.10109@altlinux.org>
Subject: Re: [devel] Buffer overflow - help needed
X-BeenThere: devel@lists.altlinux.org
X-Mailman-Version: 2.1.10b3
Precedence: list
Reply-To: ALT Linux Team development discussions <devel@lists.altlinux.org>
List-Id: ALT Linux Team development discussions <devel.lists.altlinux.org>
List-Unsubscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=unsubscribe>
List-Archive: <http://lists.altlinux.org/pipermail/devel>
List-Post: <mailto:devel@lists.altlinux.org>
List-Help: <mailto:devel-request@lists.altlinux.org?subject=help>
List-Subscribe: <https://lists.altlinux.org/mailman/listinfo/devel>,
	<mailto:devel-request@lists.altlinux.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Apr 2008 13:11:59 -0000
Archived-At: <http://lore.altlinux.org/devel/20080422131145.GE25200@newmaster.mivlgu.local/>
List-Archive: <http://lore.altlinux.org/devel/>
List-Post: <mailto:devel@altlinux.org>


--bi5JUZtvcfApsciF
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Apr 22, 2008 at 04:19:12PM +0400, Vitaly Ostanin wrote:
> =E5=D3=D4=D8 =D4=C1=CB=C1=D1 =D0=D2=CF=C2=CC=C5=CD=C1:
> https://bugzilla.altlinux.org/show_bug.cgi?id=3D15284
>=20
> =ED=CF=C5=C7=CF =CB=D5=CE=C6=D5 =CE=C1 =CE=C5=A3 =D0=CF=CB=C1 =CE=C5 =C8=
=D7=C1=D4=C1=C5=D4. =E5=D3=CC=C9 =DA=CE=C1=D4=CF=CB=C9 C =D0=CF=D3=CD=CF=D4=
=D2=D1=D4 =C9
> =D3=CB=C1=D6=D5=D4, =CB=C1=CB =C9=D3=D0=D2=C1=D7=C9=D4=D8, =C2=D5=C4=C5=
=D4 =CF=DE=C5=CE=D8 =DA=C4=CF=D2=CF=D7=CF. =F0=CF=D3=CD=CF=D4=D2=C5=D4=D8 =
=CD=CF=D6=CE=CF =C4=CC=D1
> =D3=CB=CF=D2=CF=D3=D4=C9 =DA=C4=C5=D3=D8:
>=20
> http://git.altlinux.org/people/bga/packages/?p=3Damanda.git;a=3Dblob;f=3D=
amanda/common-src/match.c;h=3Ddba15c802c28add576135af2f4a85476a2ccfd57;hb=
=3Dc7308c105b84b606039fb617cc7fe2bd7799f1a9#l533

=F7=CF-=D0=C5=D2=D7=D9=C8, =D4=CF=D4, =CB=D4=CF =D7=D9=DA=D7=C1=CC amfetchd=
ump =D4=C1=CB=C9=CD =CF=C2=D2=C1=DA=CF=CD, =CE=C5 =C4=CF=DE=C9=D4=C1=CC
amanda(8) =D7 =DE=C1=D3=D4=C9 DATESTAMP EXPRESSION - =C4=C1=D4=C1 =C4=CF=CC=
=D6=CE=C1 =DA=C1=D0=C9=D3=D9=D7=C1=D4=D8=D3=D1 =C2=C5=DA
'-', =DC=D4=CF=D4 =D3=C9=CD=D7=CF=CC =C9=D3=D0=CF=CC=D8=DA=D5=C5=D4=D3=D1 =
=CB=C1=CB =D2=C1=DA=C4=C5=CC=C9=D4=C5=CC=D8 =D0=D2=C9 =D5=CB=C1=DA=C1=CE=C9=
=C9 =C4=C9=C1=D0=C1=DA=CF=CE=C1.

=F7=CF-=D7=D4=CF=D2=D9=C8, =C6=D5=CE=CB=C3=C9=D1 match_datestamp() =CE=C1=
=D0=C9=D3=C1=CE=C1 =CF=D4=D7=D2=C1=D4=C9=D4=C5=CC=D8=CE=CF -
=CE=C1=D0=D2=C9=CD=C5=D2, =CB=CF=C4 =D7=C9=C4=C1

        strncpy(mydateexp, dateexp, strlen(dateexp));

=CE=C1=D7=CF=C4=C9=D4 =CE=C1 =CD=D9=D3=CC=C9, =DE=D4=CF =D0=C9=D3=C1=D7=DB=
=C9=CA =C5=C7=CF =CE=C5 =D0=CF=CE=C9=CD=C1=CC, =DE=D4=CF =C4=C5=CC=C1=C5=D4=
 strncpy() =C9
=DA=C1=DE=C5=CD =CE=D5=D6=CE=C1 =DC=D4=C1 =C6=D5=CE=CB=C3=C9=D1.  =E4=C1=CC=
=D8=DB=C5 =C5=D3=D4=D8 =D5=D3=CC=CF=D7=C9=C5, =CB=CF=D4=CF=D2=CF=C5 =CE=C9=
=CB=CF=C7=C4=C1 =CE=C5
=CD=CF=D6=C5=D4 =D7=D9=D0=CF=CC=CE=C9=D4=D8=D3=D1:

    if(mydateexp[strlen(mydateexp)] =3D=3D '$') {

(=CF=DE=C5=D7=C9=C4=CE=CF, =D4=D5=D4 =CE=D5=D6=CE=CF strlen(mydateexp)-1 =
=C9 =D0=C5=D2=C5=C4 =CE=C9=CD =D0=D2=CF=D7=C5=D2=CB=C1 =CE=C1
=D0=D5=D3=D4=D5=C0 =D3=D4=D2=CF=CB=D5).

=EE=C1=CB=CF=CE=C5=C3, =C4=C1=CC=D8=DB=C5 =CE=C1=C8=CF=C4=C9=D4=D3=D1 =D7=
=CF=D4 =D4=C1=CB=CF=CA =CB=D5=D3=CF=CB:

    if((dash =3D strchr(mydateexp,'-'))) {
        if(match_exact =3D=3D 1) {
            error("Illegal datestamp expression %s",dateexp);
            /*NOTREACHED*/
        }
        len =3D (size_t)(dash - mydateexp);
        len_suffix =3D strlen(dash) - 1;
        len_prefix =3D len - len_suffix;

=F0=D2=C9 =D0=C5=D2=C5=C4=C1=DE=C5 =CE=C5=C4=CF=D0=D5=D3=D4=C9=CD=CF=C7=CF =
=D0=C1=D2=C1=CD=C5=D4=D2=C1 =D7=C9=C4=C1 "2008-04-09" =D0=CF=CC=D5=DE=C1=C5=
=D4=D3=D1
len_suffix > len, =CF=C4=CE=C1=CB=CF =DC=D4=CF =CE=C5 =D0=D2=CF=D7=C5=D2=D1=
=C5=D4=D3=D1, =D7 =D2=C5=DA=D5=CC=D8=D4=C1=D4=C5 =D0=CF=D3=CC=C5=C4=D5=C0=
=DD=C9=CA
=D7=D9=DA=CF=D7 strncpy(lastdate, mydateexp, len_prefix) =D0=D2=C9=D7=CF=C4=
=C9=D4 =CB =D0=C5=D2=C5=D0=CF=CC=CE=C5=CE=C9=C0
=C2=D5=C6=C5=D2=C1.

=F4=C5 =D6=C5 =D3=C1=CD=D9=C5 =CF=DB=C9=C2=CB=C9 =D0=CF=D7=D4=CF=D2=D1=C0=
=D4=D3=D1 =C4=C1=CC=D8=DB=C5 =D7 =C6=D5=CE=CB=C3=C9=C9 match_level() (=C9
=D7=CF=CF=C2=DD=C5 =DC=D4=C9 =C6=D5=CE=CB=C3=C9=C9 =CF=D4=CC=C9=DE=C1=C0=D4=
=D3=D1 =D4=CF=CC=D8=CB=CF =D4=C5=CB=D3=D4=CF=CD =D3=CF=CF=C2=DD=C5=CE=C9=D1=
 =CF=C2 =CF=DB=C9=C2=CB=C5).

--bi5JUZtvcfApsciF
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFIDeQRW82GfkQfsqIRAvLqAKCJ7GZPshkwWBWoO/SMeJGM8OnLxQCfSyOB
Ej9JvYGFqMbuQ3edEbrPscs=
=B6gk
-----END PGP SIGNATURE-----

--bi5JUZtvcfApsciF--