cvs-cvs
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Cvs-cvs] ccvs ChangeLog NEWS src/ChangeLog src/login.c


From: Derek Robert Price
Subject: [Cvs-cvs] ccvs ChangeLog NEWS src/ChangeLog src/login.c
Date: Wed, 28 Jun 2006 14:25:27 +0000

CVSROOT:        /cvsroot/cvs
Module name:    ccvs
Changes by:     Derek Robert Price <dprice>     06/06/28 14:25:26

Modified files:
        .              : ChangeLog NEWS 
        src            : ChangeLog login.c 

Log message:
        Merge changes from 1.11.x.

CVSWeb URLs:
http://cvs.savannah.gnu.org/viewcvs/ccvs/ChangeLog?cvsroot=cvs&r1=1.1323&r2=1.1324
http://cvs.savannah.gnu.org/viewcvs/ccvs/NEWS?cvsroot=cvs&r1=1.358&r2=1.359
http://cvs.savannah.gnu.org/viewcvs/ccvs/src/ChangeLog?cvsroot=cvs&r1=1.3459&r2=1.3460
http://cvs.savannah.gnu.org/viewcvs/ccvs/src/login.c?cvsroot=cvs&r1=1.87&r2=1.88

Patches:
Index: ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/ChangeLog,v
retrieving revision 1.1323
retrieving revision 1.1324
diff -u -b -r1.1323 -r1.1324
--- ChangeLog   27 Jun 2006 16:38:03 -0000      1.1323
+++ ChangeLog   28 Jun 2006 14:25:26 -0000      1.1324
@@ -1,3 +1,8 @@
+2006-06-28  Derek Price  <address@hidden>
+
+       [bug #16961]
+       * NEWS: Note double-free fix.
+
 2006-06-27  Mark D. Baushke  <address@hidden>
 
        * configure: Regenerated.

Index: NEWS
===================================================================
RCS file: /cvsroot/cvs/ccvs/NEWS,v
retrieving revision 1.358
retrieving revision 1.359
diff -u -b -r1.358 -r1.359
--- NEWS        26 Jun 2006 21:23:53 -0000      1.358
+++ NEWS        28 Jun 2006 14:25:26 -0000      1.359
@@ -23,6 +23,13 @@
 
 BUG FIXES
 
+* Thanks to a report and patch from <address@hidden>, potential stack
+  corruption during pserver login is avoided (bug #16961).
+
+* The CVS client again correctly reports files with conflicts when using
+  servers running CVS 1.11.20/1.12.12, or earlier (and maybe 3rd party
+  servers).
+
 * The GSSAPI server should now build under HP-UX.
 
 * `cvs rtag' now correctly tags files that have been removed from the trunk.

Index: src/ChangeLog
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/ChangeLog,v
retrieving revision 1.3459
retrieving revision 1.3460
diff -u -b -r1.3459 -r1.3460
--- src/ChangeLog       26 Jun 2006 21:23:53 -0000      1.3459
+++ src/ChangeLog       28 Jun 2006 14:25:26 -0000      1.3460
@@ -1,3 +1,9 @@
+2006-06-28  Derek Price  <address@hidden>
+
+       [bug #16961]
+       * login.c (get_cvs_password): Return copy of global variable.
+       (Patch from <address@hidden>.)
+
 2006-06-24  Mark D. Baushke  <address@hidden>
 
        * rcs.c (RCS_check_tag): Revert last change.

Index: src/login.c
===================================================================
RCS file: /cvsroot/cvs/ccvs/src/login.c,v
retrieving revision 1.87
retrieving revision 1.88
diff -u -b -r1.87 -r1.88
--- src/login.c 4 May 2006 14:55:32 -0000       1.87
+++ src/login.c 28 Jun 2006 14:25:26 -0000      1.88
@@ -572,9 +572,10 @@
 
 
 
-/* Returns the _scrambled_ password.  The server must descramble
-   before hashing and comparing.  If password file not found, or
-   password not found in the file, just return NULL. */
+/* Returns the _scrambled_ password in freshly allocated memory.  The server
+ * must descramble before hashing and comparing.  If password file not found,
+ * or password not found in the file, just return NULL.
+ */
 char *
 get_cvs_password (void)
 {
@@ -585,7 +586,7 @@
        context, then assume they have supplied the correct, scrambled
        password. */
     if (cvs_password)
-       return cvs_password;
+       return xstrdup (cvs_password);
 
     if (getenv ("CVS_PASSWORD") != NULL)
     {




reply via email to

[Prev in Thread] Current Thread [Next in Thread]