john@frog.UUCP (John Woods) (08/08/90)
There is a minor bug in the cgtdate() routine in funcs2.c (I believe I
have B news patched to 2.19). If a particularly long and ill-formed Expires:
line is found in an article, a buffer on the stack can be overflowed, with
varying consequences depending on the layout of the variables on the stack.
The fix is something like:
*** funcs2.c.old Tue Aug 7 12:30:44 1990
--- funcs2.c Tue Aug 7 12:29:38 1990
***************
*** 221,227 ****
lasttime = getdate(lastdatestr, &Now);
if (lasttime < 0) {
logerr("%s: Unparsable date \"%s\"", filename, lastdatestr);
! if (sscanf(lastdatestr, "%s %s %s %s %s",
junk, month, day, tod,
year) == 5) {
(void) sprintf(bfr, "%s %s, %s %s", month, day, year,
--- 221,227 ----
lasttime = getdate(lastdatestr, &Now);
if (lasttime < 0) {
logerr("%s: Unparsable date \"%s\"", filename, lastdatestr);
! if (sscanf(lastdatestr, "%39s %39s %29s %59s %49s",
junk, month, day, tod,
year) == 5) {
(void) sprintf(bfr, "%s %s, %s %s", month, day, year,
--
John Woods, Charles River Data Systems, Framingham MA, (508) 626-1101
...!decvax!frog!john, john@frog.UUCP, ...!mit-eddie!jfw, jfw@eddie.mit.edu