From 49427f6fa3d1c89666013ec0f6f7e547ad150b7f Mon Sep 17 00:00:00 2001
From: "Gleb O. Raiko"
Date: Sat, 22 Oct 2011 17:33:02 +0400
Subject: [PATCH 1/2] Fix potential buffer overflow when getting a shell from the command line
---
 su.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/su.c b/su.c
index add619a..7ece49d 100755
--- a/su.c
+++ b/su.c
@@ -318,7 +318,8 @@ int main(int argc, char *argv[])
 }
 } else if (!strcmp(argv[i], "-s") || !strcmp(argv[i], "--shell")) {
 if (++i < argc) {
- strcpy(shell, argv[i]);
+ strncpy(shell, argv[i], sizeof(shell));
+ shell[sizeof(shell) - 1] = 0;
 } else {
 usage();
 }
From a1855463d26d78a47cd00355e33ba9a4ec473f9a Mon Sep 17 00:00:00 2001
From: "Gleb O. Raiko"
Date: Sat, 22 Oct 2011 19:19:05 +0400
Subject: [PATCH 2/2] Fix db double close
---
 su.c | 1 +
 1 file changed, 1 insertion(+)
diff --git a/su.c b/su.c
index 7ece49d..8a18b46 100755
--- a/su.c
+++ b/su.c
@@ -396,6 +396,7 @@ int main(int argc, char *argv[])
 // Close the database, we're done with it. If it stays open,
 // it will cause problems
 sqlite3_close(db);
+ db = NULL;
 LOGE("sudb - Database closed");
 }
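Review bot: An over-long `-s`/`--shell` argument is now silently truncated instead of rejected, so a privileged binary would carry on with a shell path that is only a prefix of what the caller passed. For a path that is later executed, failing closed is safer than truncating: add `if (strlen(argv[i]) >= sizeof(shell)) usage();` before the copy, assuming `usage()` does not return, or otherwise exit explicitly. Note also that `sizeof(shell)` is the buffer size only if `shell` is declared as an array; its declaration is outside this hunk, as are the start and end of `main`, so that should be confirmed. A short comment such as `/* reject, never truncate: this path is exec'd with elevated privileges */` would record the intent.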
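Review bot: The return value of `sqlite3_close(db)` is ignored, so `db` is set to NULL and "Database closed" is logged even when the close fails. `sqlite3_close()` returns `SQLITE_BUSY` and leaves the connection open if statements are still unfinalized; clearing the pointer then leaks the handle and removes any chance of closing it later. Consider `if (sqlite3_close(db) == SQLITE_OK) db = NULL;` and log the failure case separately. As a point of style, `LOGE` looks like an error-level macro being used for a routine status message, which adds noise when triaging logs. The second close that this commit guards against is outside the hunk, so whether it tolerates a non-NULL `db` after a failed close could not be checked here.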