Diffstat (limited to 'service/src')
-rw-r--r--service/src/patches/flagstore1.diff19
-rw-r--r--service/src/patches/flagstore2.diff13
2 files changed, 32 insertions, 0 deletions
diff --git a/service/src/patches/flagstore1.diff b/service/src/patches/flagstore1.diff
new file mode 100644
index 0000000..0b5fe05
--- /dev/null
+++ b/service/src/patches/flagstore1.diff
@@ -0,0 +1,19 @@
+diff --git a/service/src/util.c b/service/src/util.c
+index 31a2628..354bbca 100644
+--- a/service/src/util.c
++++ b/service/src/util.c
+@@ -78,13 +78,12 @@ void
+ freadstr(FILE *f, char **dst)
+ {
+ size_t start, len, tmp;
+- char c;
+
+ /* VULN #1: BAD CAST */
+ /* see documentation/README.md for more details */
+
+ start = ftell(f);
+- for (len = 0; (c = fgetc(f)) != EOF && c; len++);
++ for (len = 0; fgetc(f) > 0; len++);
+ fseek(f, start, SEEK_SET);
+
+ *dst = checkp(calloc(1, len + 1));
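Review bot: The context line `start = ftell(f);` still stores a `long` in a `size_t` with no check for -1, and the result of `fseek(f, start, SEEK_SET)` is ignored, so the corrected loop can count a length that does not match what is read next. If either call fails (a non-seekable stream, for example), `len` no longer describes the bytes read after the `calloc`; that read is outside this hunk, so how the copy is bounded cannot be confirmed from here. Keep the offset in a `long`, test `start < 0` and `fseek(...) != 0`, and fail through whatever error path the file already uses. The `/* VULN #1: BAD CAST */` comment also survives the fix and now describes code that is gone; replace it with something like `/* fgetc() returns int; narrowing to a signed char makes byte 0xFF compare equal to EOF */`.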
diff --git a/service/src/patches/flagstore2.diff b/service/src/patches/flagstore2.diff
new file mode 100644
index 0000000..ef6f524
--- /dev/null
+++ b/service/src/patches/flagstore2.diff
@@ -0,0 +1,13 @@
+diff --git a/service/src/util.c b/service/src/util.c
+index 31a2628..bf272db 100644
+--- a/service/src/util.c
++++ b/service/src/util.c
+@@ -58,7 +58,7 @@ mhash(const char *str, int len)
+ srand(v);
+
+ for (bp = buf, i = 0; i < MHASHLEN / 2; i++)
+- bp += sprintf(bp, "%02x", str[i % len] ^ (rand() % 256));
++ bp += sprintf(bp, "%02x", (unsigned char) str[i % len] ^ (rand() % 256));
+
+ return buf;
+ }
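Review bot: `str[i % len]` on the patched line still divides by `len` with no guard visible in the hunk, so `len == 0` is undefined behaviour and a negative `len` can yield a negative index. The start of mhash() is outside this hunk, so an earlier check may already exist; if it does not, add a guard such as `if (len <= 0)` before the loop, routed to the file's usual error path. The cast itself deserves a comment so it is not later removed as redundant, for example `/* a negative char would sign-extend and make %02x print up to 8 digits, overrunning buf */`.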