Bug#294793: NMU diff

Sun, 13 Feb 2005 11:38:33 -0800 

I'm NMUing to fix this bug, with the attached patch.

-- 
see shy jo

diff -u xpcd-2.08/debian/changelog xpcd-2.08/debian/changelog
--- xpcd-2.08/debian/changelog
+++ xpcd-2.08/debian/changelog
@@ -1,3 +1,11 @@
+xpcd (2.08-11.1) unstable; urgency=HIGH
+
+  * NMU
+  * Fixed buffer overflows [test/view.c, test/plug-0.54.c, xpcd/complete.c,
+    CAN-2005-0074] Closes: #294793
+
+ -- Joey Hess <[EMAIL PROTECTED]>  Sun, 13 Feb 2005 14:13:48 -0500
+
 xpcd (2.08-11) unstable; urgency=low
 
   * Bug fix: "rebuild with libtiff4, upload with urgency=medium", thanks
--- xpcd-2.08.orig/test/view.c
+++ xpcd-2.08/test/view.c
@@ -311,7 +311,7 @@
            if (verbose) {
                basename = strrchr(files[filenr], '/');
                basename = basename ? basename + 1 : files[filenr];
-               sprintf(message, "loading %s... ", basename);
+               snprintf(message, sizeof(message), "loading %s... ", basename);
                gl_write(0, vgamode->height - font_height, message);
            }
            read_image(files[filenr], image, res, &width, &height);
--- xpcd-2.08.orig/test/plug-0.54.c
+++ xpcd-2.08/test/plug-0.54.c
@@ -381,7 +381,7 @@
        if (!temp)
            gimp_quit();
 
-       sprintf(temp, "Loading %s:", filename);
+       snprintf(temp, sizeof(temp), "Loading %s:", filename);
        gimp_init_progress(temp);
        free(temp);
     }
--- xpcd-2.08.orig/xpcd/complete.c
+++ xpcd-2.08/xpcd/complete.c
@@ -128,9 +128,9 @@
            XBell(dpy, 100);
            strcpy(filename, expand);
        } else if (1 == n) {
-           sprintf(filename, "~%s/", pwmatch);
+           snprintf(filename, sizeof(filename), "~%s/", pwmatch);
        } else {
-           sprintf(filename, "~%s", pwmatch);
+           snprintf(filename, sizeof(filename), "~%s", pwmatch);
        }
 
     } else {
@@ -168,7 +168,7 @@
            strcpy(filename, fn);
        } else if (1 == n) {
            /* one match */
-           sprintf(filename, "%s/%s", dir, list[0]);
+           snprintf(filename, sizeof(filename), "%s/%s", dir, list[0]);
            stat(filename, &st);
            if (strchr(fn, '/')) {
                strcpy(filename, fn);

Attachment: signature.asc
Description: Digital signature

Reply via email to