[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-commits
Subject: KDE_3_0_BRANCH: kdenetwork/lanbrowsing/lisa
From: Alexander Neundorf <neundorf () kde ! org>
Date: 2002-10-31 22:46:57
[Download RAW message or body]
CVS commit by neundorf:
fixing security vulnerabilty (root exploit) in reslisa
Alex
--- netmanager.cpp 2002/02/02 10:30:58 1.14
+++ netmanager.cpp 2002/10/31 22:45:43
@@ -131,14 +131,25 @@ int NetManager::prepare()
m_listenFD=::socket(AF_LOCAL, SOCK_STREAM, 0);
//m_listenFD=::socket(AF_LOCAL, SOCK_STREAM, IPPROTO_TCP);
MyString socketName("/tmp/resLisa-");
- socketName+=getenv("LOGNAME");
+ char *logname=getenv("LOGNAME");
+ if (strlen(logname)>60)
+ {
+ std::cout<<"NetManager::prepare: your logname \""<<logname<<"\"
is longer than 60 characters, exiting."<<std::endl;
+ return 0;
+ }
+ socketName+=logname;
::unlink(socketName.data());
sockaddr_un serverAddr;
// bzero((char*)&serverAddr, sizeof(serverAddr));
memset((void*)&serverAddr, 0, sizeof(serverAddr));
serverAddr.sun_family = AF_LOCAL;
strcpy(serverAddr.sun_path,socketName.data());
M +14 -3 netmanager.cpp 1.14.2.1
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic