Simple patch to fix the overflow found in atftpd by Rick Patel.
bbb74dfb5d52103ab35a78f731663aae5244b396ecaa1b98451767508ae1c094
--- tftpd_file.c Tue Mar 12 05:26:18 2002
+++ tftpd_file_diff.c Thu Jun 5 20:31:06 2003
@@ -357,7 +357,8 @@
else
{
strcpy(filename, directory);
- strncat(filename, data->tftp_options[OPT_FILENAME].value, VAL_SIZE);
+ strncat(filename, data->tftp_options[OPT_FILENAME].value,
+ VAL_SIZE - strlen( directory ) - 1 );
}
/* If the filename contain /../ sequences, we forbid the access */