In-Reply-To: <20040919041243.22505.qmail (at) www.securityfocus (dot) com [email concealed]>
The glFTPd dupescan utility is an extra tool provided by the glFTPd team to give users the possibility to search the dupelog from the shell. glFTPd does not use this program for normal operation.
A patch to fix this problem has been made available on the glFTPd homepage (http://www.glftpd.com) and will be included in the next release. Below i have included the patch.
The glFTPd dupescan utility is an extra tool provided by the glFTPd team to give users the possibility to search the dupelog from the shell. glFTPd does not use this program for normal operation.
A patch to fix this problem has been made available on the glFTPd homepage (http://www.glftpd.com) and will be included in the next release. Below i have included the patch.
--- dupescan.pactch ---
--- bin/sources/dupescan.c 2003-11-24 14:52:14.000000000 +0100
+++ bin/sources/dupescan.c 2004-09-19 14:23:04.000000000 +0200
@@ -51,7 +51,8 @@
read_conf_datapath(Temp);
sprintf(dupefile, "%s/logs/dupefile", Temp);
- strcpy(dupename, argv[1]);
+ strncpy(dupename, argv[1], sizeof(dupename)-1);
+ dupename[sizeof(dupename)-1] = '\0';
if((fp = fopen(dupefile, "r")) == NULL)
return 0;
--- dupescan.pactch ---
[ reply ]