Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 423698 Details for
Bug 440762
<media-libs/plib-1.8.5-r1: stack-based buffer overflow in the error function in ssg/ssgParser.cxx (CVE-2012-4552)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch from debian
plib-1.8.5-CVE-2011-4552.patch (text/plain), 1.44 KB, created by
Felix Janda
on 2016-01-23 17:26:47 UTC
(
hide
)
Description:
Patch from debian
Filename:
MIME Type:
Creator:
Felix Janda
Created:
2016-01-23 17:26:47 UTC
Size:
1.44 KB
patch
obsolete
>diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx >--- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100 >+++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100 >@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form > char msgbuff[ 255 ]; > va_list argp; > >- char* msgptr = msgbuff; >- if (linenum) >- { >- msgptr += sprintf ( msgptr,"%s, line %d: ", >- path, linenum ); >- } >- > va_start( argp, format ); >- vsprintf( msgptr, format, argp ); >+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); > va_end( argp ); > >- ulSetError ( UL_WARNING, "%s", msgbuff ) ; >+ if (linenum) >+ { >+ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; >+ } else { >+ ulSetError ( UL_WARNING, "%s", msgbuff ) ; >+ } > } > > >@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo > char msgbuff[ 255 ]; > va_list argp; > >- char* msgptr = msgbuff; >- if (linenum) >- { >- msgptr += sprintf ( msgptr,"%s, line %d: ", >- path, linenum ); >- } >- > va_start( argp, format ); >- vsprintf( msgptr, format, argp ); >+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); > va_end( argp ); > >- ulSetError ( UL_DEBUG, "%s", msgbuff ) ; >+ if (linenum) >+ { >+ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; >+ } else { >+ ulSetError ( UL_DEBUG, "%s", msgbuff ) ; >+ } > } > > // Opens the file and does a few internal calculations based on the spec.
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 440762
: 423698