diff options
| author | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-10-23 22:07:23 +0000 |
|---|---|---|
| committer | A. Wilcox <AWilcox@Wilcox-Tech.com> | 2018-10-24 01:14:40 +0000 |
| commit | 35d3464218da6f5ae5025fec65dd1caa08d31824 (patch) | |
| tree | f2d81ac1fc863233490f3fd1006be9aebbb5754e /user/plib/plib-1.8.5-CVE-2012-4552.patch | |
| parent | 67b10a41901d249e4d8ce18cd5913912117a2ac4 (diff) | |
| download | packages-35d3464218da6f5ae5025fec65dd1caa08d31824.tar.gz packages-35d3464218da6f5ae5025fec65dd1caa08d31824.tar.bz2 packages-35d3464218da6f5ae5025fec65dd1caa08d31824.tar.xz packages-35d3464218da6f5ae5025fec65dd1caa08d31824.zip | |
user/plib: new package
Diffstat (limited to 'user/plib/plib-1.8.5-CVE-2012-4552.patch')
| -rw-r--r-- | user/plib/plib-1.8.5-CVE-2012-4552.patch | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/user/plib/plib-1.8.5-CVE-2012-4552.patch b/user/plib/plib-1.8.5-CVE-2012-4552.patch new file mode 100644 index 000000000..78f1b22ae --- /dev/null +++ b/user/plib/plib-1.8.5-CVE-2012-4552.patch @@ -0,0 +1,54 @@ +--- plib-1.8.5/src/ssg/ssgParser.cxx~ ++++ plib-1.8.5/src/ssg/ssgParser.cxx +@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form + char msgbuff[ 255 ]; + va_list argp; + +- char* msgptr = msgbuff; +- if (linenum) +- { +- msgptr += sprintf ( msgptr,"%s, line %d: ", +- path, linenum ); +- } +- + va_start( argp, format ); +- vsprintf( msgptr, format, argp ); ++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); + va_end( argp ); + +- ulSetError ( UL_WARNING, "%s", msgbuff ) ; ++ if (linenum) ++ { ++ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; ++ } else { ++ ulSetError ( UL_WARNING, "%s", msgbuff ) ; ++ } + } + + +@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo + char msgbuff[ 255 ]; + va_list argp; + +- char* msgptr = msgbuff; +- if (linenum) +- { +- msgptr += sprintf ( msgptr,"%s, line %d: ", +- path, linenum ); +- } +- + va_start( argp, format ); +- vsprintf( msgptr, format, argp ); ++ vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); + va_end( argp ); + +- ulSetError ( UL_DEBUG, "%s", msgbuff ) ; ++ if (linenum) ++ { ++ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; ++ } else { ++ ulSetError ( UL_DEBUG, "%s", msgbuff ) ; ++ } + } + + // Opens the file and does a few internal calculations based on the spec. |