On Mon, Nov 10, 2008 at 20:35, Aaron Griffin <aaronmgriffin@gmail.com> wrote:
On Mon, Nov 10, 2008 at 12:24 PM, Johannes Krampf <Johannes.Krampf@htw-dresden.de> wrote:
Hi,
I've found a small compatibility problem and static checking a minor buffer overflow in libdownload. Please excuse if this should already be fixed in git.
Here's the patch, <stdint.h> is included for uintptr_t and fscanf writes a trailing \0, therefore requiring 1025 bytes in the worst case:
Just an FYI, NetBSD's libfetch code compiles on linux with a minor modification. So I think we're planning on switching to that.
...and that bug is fixed there long before in FreeBSD's libfetch. Thanks for info, Aaron! I wasn't aware that NetBSD has their own libfetch. Looks like NetBSD's libfetch was heavily reworked in some places, including some new features added. The only thing it's missing from FreeBSD's lbfetch is support for HTTP 1.1 If-Modified-Since behavior (which was only added less than 2 weeks ago). There's one Linux-compatability fix after 2.20: http://cvsweb.se.netbsd.org/cgi-bin/bsdweb.cgi/pkgsrc/net/libfetch/files/ftp... Not sure if it's important enough for us though. -- Roman Kyrylych (Роман Кирилич)