diff options
author | Denis Vlasenko | 2006-09-03 16:33:58 +0000 |
---|---|---|
committer | Denis Vlasenko | 2006-09-03 16:33:58 +0000 |
commit | 1da6a2166621d26f84cfb9b8711ded657fdf8d37 (patch) | |
tree | 7d6dabb6e5fd834703b9db810393ad0d514aac47 | |
parent | 21afc7dc291f1cb11feec7a9766bf3542545f581 (diff) | |
download | busybox-1da6a2166621d26f84cfb9b8711ded657fdf8d37.zip busybox-1da6a2166621d26f84cfb9b8711ded657fdf8d37.tar.gz |
dpkg: fix buffer overflow (bug 983)
-rw-r--r-- | archival/dpkg.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/archival/dpkg.c b/archival/dpkg.c index 0e57720..ac46833 100644 --- a/archival/dpkg.c +++ b/archival/dpkg.c @@ -1522,6 +1522,7 @@ static void unpack_package(deb_file_t *deb_file) const unsigned int status_num = search_status_hashtable(package_name); const unsigned int status_package_num = status_hashtable[status_num]->package; char *info_prefix; + char *list_filename; archive_handle_t *archive_handle; FILE *out_stream; llist_t *accept_list = NULL; @@ -1570,8 +1571,8 @@ static void unpack_package(deb_file_t *deb_file) unpack_ar_archive(archive_handle); /* Create the list file */ - strcat(info_prefix, "list"); - out_stream = xfopen(info_prefix, "w"); + list_filename = bb_xasprintf("/var/lib/dpkg/info/%s.list", package_name); + out_stream = bb_xfopen(list_filename, "w"); while (archive_handle->sub_archive->passed) { /* the leading . has been stripped by data_extract_all_prefix already */ fputs(archive_handle->sub_archive->passed->data, out_stream); @@ -1585,6 +1586,7 @@ static void unpack_package(deb_file_t *deb_file) set_status(status_num, "unpacked", 3); free(info_prefix); + free(list_filename); } static void configure_package(deb_file_t *deb_file) |