authorPeter Volkov <pva@gentoo.org>2010-12-20 17:45:22 +0000
committerPeter Volkov <pva@gentoo.org>2010-12-20 17:45:22 +0000
commit68d7a32b3859162630f9a68fb504ec74729e71b1 (patch)
treeb6c541a9af32d612f9263ac843f561d9aea63941 /media-gfx/xfig/files
parentMarking eselect-php-0.6.1 ~ppc64 for bug 343597 (diff)
Add patch to address stack-based buffer overflow, bug #348344; thanks to Tim Sammut for the report. Drop old.
Package-Manager: portage-2.1.9.25/cvs/Linux x86_64
Diffstat (limited to 'media-gfx/xfig/files')
-rw-r--r--media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch22
1 files changed, 22 insertions, 0 deletions
diff --git a/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch b/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch
new file mode 100644
index 000000000000..eb85513ef69d
--- /dev/null
+++ b/media-gfx/xfig/files/xfig-3.2.5b-CVE-2010-4262.patch
@@ -0,0 +1,22 @@
+--- w_msgpanel.c
++++ w_msgpanel.c 2010-12-03 14:21:07.931926127 +0000
+@@ -60,7 +60,7 @@ DeclareStaticArgs(12);
+ /* for the popup message (file_msg) window */
+
+ static int file_msg_length=0;
+-static char tmpstr[300];
++static char tmpstr[512];
+ static Widget file_msg_panel,
+ file_msg_win, file_msg_dismiss;
+
+@@ -582,8 +582,8 @@ file_msg(char *format,...)
+ }
+
+ va_start(ap, format);
+- /* format the string */
+- vsprintf(tmpstr, format, ap);
++ /* format the string (but leave room for \n and \0) */
++ vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap);
+ va_end(ap);
+
+ strcat(tmpstr,"\n");
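Review bot: The return value of `vsnprintf` in `file_msg` is discarded, so a message longer than the buffer is cut off silently; capture it (`n = vsnprintf(...)`) and treat a negative result, or one not smaller than the size passed, as truncation so the message can be marked as such. The added comment also misstates the bound: the size given to `vsnprintf` already counts the terminating NUL, so `sizeof(tmpstr)-1` leaves room for the `strcat(tmpstr,"\n")` that follows, and `-2` is safe but one byte more conservative than needed; the comment could read `/* size includes the \0; keep one byte for the "\n" appended below */`. It is the bound that closes the overflow, while enlarging `tmpstr` from 300 to 512 only moves the point where truncation starts. `file_msg` begins and continues outside the hunk, so later uses of `tmpstr` are not visible here.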