Loading pkgs/by-name/sc/screen/buffer-overflow-SendCmdMessage.patchdeleted 100644 → 0 +0 −13 Original line number Diff line number Diff line --- a/attacher.c 2025-02-24 20:15:31.701820351 +0100 +++ b/attacher.c 2025-02-24 20:17:05.893826559 +0100 @@ -461,8 +461,8 @@ size_t len; len = strlen(*av) + 1; if (p + len >= m.m.command.cmd + ARRAY_SIZE(m.m.command.cmd) - 1) - break; + Panic(0, "Total length of the command to send too large.\n"); - strncpy(p, *av, MAXPATHLEN); + memcpy(p, *av, len); p += len; } *p = 0; pkgs/by-name/sc/screen/package.nix +2 −9 Original line number Diff line number Diff line Loading @@ -10,11 +10,11 @@ stdenv.mkDerivation rec { pname = "screen"; version = "5.0.0"; version = "5.0.1"; src = fetchurl { url = "mirror://gnu/screen/screen-${version}.tar.gz"; hash = "sha256-8Eo50AoOXHyGpVM4gIkDCCrV301z3xov00JZdq7ZSXE="; hash = "sha256-La429Ns3n/zRS2kVlrpuwYrDqeIrxHrCOXiatYQJhp0="; }; configureFlags = [ Loading @@ -25,13 +25,6 @@ stdenv.mkDerivation rec { # We need _GNU_SOURCE so that mallocmock_reset() is defined: https://savannah.gnu.org/bugs/?66416 NIX_CFLAGS_COMPILE = "-D_GNU_SOURCE=1 -Wno-int-conversion -Wno-incompatible-pointer-types"; patches = [ # GNU Screen 5.0 uses strncpy incorrectly in SendCmdMessage # This causes issues detected when using -D_FORTIFY_SOURCE=3 # e.g. https://savannah.gnu.org/bugs/index.php?66215 ./buffer-overflow-SendCmdMessage.patch ]; nativeBuildInputs = [ autoreconfHook ]; Loading Loading
pkgs/by-name/sc/screen/buffer-overflow-SendCmdMessage.patchdeleted 100644 → 0 +0 −13 Original line number Diff line number Diff line --- a/attacher.c 2025-02-24 20:15:31.701820351 +0100 +++ b/attacher.c 2025-02-24 20:17:05.893826559 +0100 @@ -461,8 +461,8 @@ size_t len; len = strlen(*av) + 1; if (p + len >= m.m.command.cmd + ARRAY_SIZE(m.m.command.cmd) - 1) - break; + Panic(0, "Total length of the command to send too large.\n"); - strncpy(p, *av, MAXPATHLEN); + memcpy(p, *av, len); p += len; } *p = 0;
pkgs/by-name/sc/screen/package.nix +2 −9 Original line number Diff line number Diff line Loading @@ -10,11 +10,11 @@ stdenv.mkDerivation rec { pname = "screen"; version = "5.0.0"; version = "5.0.1"; src = fetchurl { url = "mirror://gnu/screen/screen-${version}.tar.gz"; hash = "sha256-8Eo50AoOXHyGpVM4gIkDCCrV301z3xov00JZdq7ZSXE="; hash = "sha256-La429Ns3n/zRS2kVlrpuwYrDqeIrxHrCOXiatYQJhp0="; }; configureFlags = [ Loading @@ -25,13 +25,6 @@ stdenv.mkDerivation rec { # We need _GNU_SOURCE so that mallocmock_reset() is defined: https://savannah.gnu.org/bugs/?66416 NIX_CFLAGS_COMPILE = "-D_GNU_SOURCE=1 -Wno-int-conversion -Wno-incompatible-pointer-types"; patches = [ # GNU Screen 5.0 uses strncpy incorrectly in SendCmdMessage # This causes issues detected when using -D_FORTIFY_SOURCE=3 # e.g. https://savannah.gnu.org/bugs/index.php?66215 ./buffer-overflow-SendCmdMessage.patch ]; nativeBuildInputs = [ autoreconfHook ]; Loading
