[PATCH 0/3] Fix bugs in udev_rules_apply_format()

[Sergey Vlasov <vsu@altlinux.ru>]

Hello!

Here are fixes for several bugs in udev_rules_apply_format():

 1) fix handling of unknown format elements
 2) don't overflow the buffer when truncating substituted string
 3) do not process substituted value as format string

Without these fixes (especially the last one) udev behaves strangely
when substituting some values (due to reinterpretation of the
substituted string as a format string, which may then abuse the first
two bugs).  The problem may be triggered, e.g., by attaching an USB
storage device with a label containing '$' or '%' characters.

Combined diffstat of all patches:

 udev_rules.c |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)

If you prefer, you may pull these changes from the following git repo
and branch (based on release 104):

  git://git.altlinux.org/people/vsu/packages/udev.git alt-format-fixes

(also available over http: and rsync:, but not really useful due to
packing).

-- 
Sergey Vlasov

-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier.
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid\x120709&bid&3057&dat\x121642
_______________________________________________
Linux-hotplug-devel mailing list  http://linux-hotplug.sourceforge.net
Linux-hotplug-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-hotplug-devel