Attachment 423698 Details for Bug 440762 – Patch from debian

[patch] Patch from debian

plib-1.8.5-CVE-2011-4552.patch (text/plain), 1.44 KB, created by Felix Janda on 2016-01-23 17:26:47 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Felix Janda

Created: 2016-01-23 17:26:47 UTC

Size: 1.44 KB

patch

obsolete

>diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
>--- plib-1.8.5/src/ssg/ssgParser.cxx~	2008-03-11 03:06:23.000000000 +0100
>+++ plib-1.8.5/src/ssg/ssgParser.cxx	2012-11-01 15:33:12.424483374 +0100
>@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
>   char msgbuff[ 255 ];
>   va_list argp;
> 
>-  char* msgptr = msgbuff;
>-  if (linenum)
>-  {
>-    msgptr += sprintf ( msgptr,"%s, line %d: ",
>-      path, linenum );
>-  }
>-
>   va_start( argp, format );
>-  vsprintf( msgptr, format, argp );
>+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
>   va_end( argp );
> 
>-  ulSetError ( UL_WARNING, "%s", msgbuff ) ;
>+  if (linenum)
>+  {
>+    ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
>+  } else {
>+    ulSetError ( UL_WARNING, "%s", msgbuff ) ;
>+  }
> }
> 
> 
>@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
>   char msgbuff[ 255 ];
>   va_list argp;
> 
>-  char* msgptr = msgbuff;
>-  if (linenum)
>-  {
>-    msgptr += sprintf ( msgptr,"%s, line %d: ",
>-      path, linenum );
>-  }
>-
>   va_start( argp, format );
>-  vsprintf( msgptr, format, argp );
>+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
>   va_end( argp );
> 
>-  ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
>+  if (linenum)
>+  {
>+    ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
>+  } else {
>+    ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
>+  }
> }
> 
> // Opens the file and does a few internal calculations based on the spec.

Actions: View | Diff

Attachments on bug 440762: 423698