Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
bad-sprintf.diff | fixes insecure sprintf(). This patch replaces sprintf(to, from) with strcpy(to, from). Using sprintf() in this way is dangerous because the string "from" may include conversion specifications such as "%s". | Oohara Yuuma <oohara@debian.org> | no | | | 2012-02-08 |
array-size-calculation.diff | fixes possibly wrong array size calculation with sizeof(). This patch replaces sizeof(array) with sizeof(array)/sizeof(array[0]) when the program calculates the size of the array. Although all arrays handled in this way are arrays of char, there may be an architecture where sizeof(char) is not 1. | Oohara Yuuma <oohara@debian.org> | no | | | 2012-02-08 |