From: Martin DOT Stromberg AT lu DOT erisoft DOT se (Martin Stromberg)
Newsgroups: comp.os.msdos.djgpp
Subject: Re: Where to get the latest sources for djtar
Date: 12 Mar 1998 15:47:06 GMT
Organization: Ericsson Erisoft AB, Sweden
Lines: 35
Message-ID: <6e901q$qpp$1@antares.lu.erisoft.se>
References:
NNTP-Posting-Host: propus.lu.erisoft.se
To: djgpp AT delorie DOT com
DJ-Gateway: from newsgroup comp.os.msdos.djgpp
Precedence: bulk

Eli Zaretskii (eliz AT is DOT elta DOT co DOT il) wrote:

: On 6 Mar 1998, Martin Stromberg wrote:
: > Two error conditions, with (at least two) consequences: ungraceful
: > handling of the error conditions disk full and too deep directory
: > nesting, which result in endless loop or stack overwrite.

: The second bug is to the best of my knowledge fixed in the latest
: alpha version (you didn't specify the problem precisely, so I can only
: guess). But the first bug is not fixed yet; so please submit the
: necessary changes. Thanks.

Well, I think I still can get a stack overwrite with the latest djtar.

Try to "djtar -x" a file containing directories. Then "djtar -x" the
same file again. When djtar asks you for a new directory name give it
"1" as new directory name. Then "djtar -x" the same file again
(again). When djtar asks you for a new directory name give it "1" as
new directory name again, then when djtar asks you for a new directory
name (as 1 already existed) give it "22". Voila, crash is a fact.

I think I see the problem in the code but I'm not sure exactly how to
fix it:

Lines 149-150 of src/utils/djtar/djtar.c are

	sprintf(new, "%s%s", ch->new, fname+strlen(ch->old));
	strcpy(fname, new);

This will make the length of new grow and grow and finally overwrite
the stack.

Any ideas?

MartinS
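
A bounded form of the prefix rewrite quoted in the post, as an added example (not code from djtar or from the poster). The struct, function name, return codes and the 32-byte buffer size are assumptions made for illustration, and a C99 snprintf is assumed.

```c
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 32   /* assumed small size so the limit is easy to hit */

/* Hypothetical stand-in for the rename entry the post refers to as `ch`. */
struct rename_entry {
    const char *old;   /* directory prefix as stored in the archive */
    const char *new;   /* replacement prefix typed by the user */
};

/*
 * Rewrite fname (capacity fname_size) so the prefix ch->old becomes ch->new.
 * Returns 0 on success, -1 if fname does not start with ch->old, -2 if the
 * result would not fit. fname is left untouched on any failure.
 */
int apply_rename(char *fname, size_t fname_size, const struct rename_entry *ch)
{
    char tmp[NAME_MAX_LEN];
    size_t old_len = strlen(ch->old);
    int n;

    /* Without this check, fname + old_len could point past the terminator. */
    if (strncmp(fname, ch->old, old_len) != 0)
        return -1;

    /* snprintf reports the length it needed; test it against both buffers. */
    n = snprintf(tmp, sizeof tmp, "%s%s", ch->new, fname + old_len);
    if (n < 0 || (size_t)n >= sizeof tmp || (size_t)n >= fname_size)
        return -2;

    memcpy(fname, tmp, (size_t)n + 1);   /* length already validated */
    return 0;
}

int main(void)
{
    /* Constructed sample input, not taken from a real archive. */
    char name[NAME_MAX_LEN] = "src/utils/djtar.c";
    struct rename_entry ok  = { "src", "1" };
    struct rename_entry big = { "1", "a-replacement-prefix-that-is-far-too-long" };

    printf("%d %s\n", apply_rename(name, sizeof name, &ok), name);
    printf("%d %s\n", apply_rename(name, sizeof name, &big), name);
    return 0;
}
```

A caller that gets -2 can ask for a shorter directory name again instead of continuing with a truncated or overflowed path.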