From 9894d59925a062d7538e8ee7442911618a877c97 Mon Sep 17 00:00:00 2001 From: Jim Meyering Date: Sat, 12 Mar 2005 10:59:38 +0000 Subject: *** empty log message *** --- ChangeLog | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) (limited to 'ChangeLog') diff --git a/ChangeLog b/ChangeLog index cbe42c11b..d54c3c09e 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,7 +1,22 @@ -2005-03-11 Paul Eggert +2005-03-12 Jim Meyering * Version 5.3.1. + Add a little infrastructure to help prevent future bugs like the + one fixed below. + * src/stat.c (xstrcat): New function. + (print_statfs, print_stat): Add buf_len parameter and convert all + uses of strcat to xstrcat. Update callers. + (print_it): Call print_func with buf_len parameter. + + Invoking stat -c FMT with a lone format directive of %s, %f, %h, %s, + could cause a buffer overrun error. + * src/stat.c (print_it): Allocate 2 more bytes, to accommodate our + conversion of the stat %s format string to the longer printf %llu one. + Patch from Guochun Shi. + +2005-03-11 Paul Eggert + * src/ls.c (TIME_STAMP_LEN_MAXIMUM): New constant. (long_time_expected_width, print_long_format): Use it, to avoid some possible denial-of-service attacks. -- cgit v1.2.3-70-g09d2
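Review bot: In the added buffer-overrun entry, the directive list reads "%s, %f, %h, %s," so %s is named twice and the list ends on a stray comma. Name the fourth directive that was meant or drop the duplicate, because the commit subject is "*** empty log message ***" and this ChangeLog text is the only record of which formats triggered the overrun. The "Allocate 2 more bytes" line would also be easier to recheck if it said that 2 is the length difference between the "%s" and "%llu" strings. That fixed allowance depends on the conversion staying exactly as it is now.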