commit: a0d667ccdc30ed88649b59fc8cf2ddd926609c4b Author: Matthias Maier <tamiko <AT> gentoo <DOT> org> AuthorDate: Sun Dec 25 20:18:56 2022 +0000 Commit: Matthias Maier <tamiko <AT> gentoo <DOT> org> CommitDate: Sun Dec 25 20:20:05 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a0d667cc
app-text/barcode: fix format security issue Closes: https://bugs.gentoo.org/521128 Signed-off-by: Matthias Maier <tamiko <AT> gentoo.org> app-text/barcode/barcode-0.99-r1.ebuild | 1 + .../files/barcode-0.99-not-a-literal-string.patch | 19 +++++++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/app-text/barcode/barcode-0.99-r1.ebuild b/app-text/barcode/barcode-0.99-r1.ebuild index 7afa62168be7..9e4012d3f2a0 100644 --- a/app-text/barcode/barcode-0.99-r1.ebuild +++ b/app-text/barcode/barcode-0.99-r1.ebuild @@ -19,6 +19,7 @@ DEPEND="${RDEPEND}" PATCHES=( "${FILESDIR}"/${P}-fno-common.patch "${FILESDIR}"/${P}-install-static-lib.patch + "${FILESDIR}"/${P}-not-a-literal-string.patch ) src_prepare() { diff --git a/app-text/barcode/files/barcode-0.99-not-a-literal-string.patch b/app-text/barcode/files/barcode-0.99-not-a-literal-string.patch new file mode 100644 index 000000000000..63b49d25c058 --- /dev/null +++ b/app-text/barcode/files/barcode-0.99-not-a-literal-string.patch @@ -0,0 +1,19 @@ +Taken from: https://lists.gnu.org/archive/html/bug-barcode/2021-09/msg00000.html +Author: https://lists.gnu.org/archive/html/bug-barcode/2021-09/msg00000.html +--- + plessey.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/plessey.c b/plessey.c +index 2f59e39..3089a3c 100644 +--- a/plessey.c ++++ b/plessey.c +@@ -149,7 +149,7 @@ int Barcode_pls_encode(struct Barcode_Item *bc) + checkptr[i+j] ^= check[j]; + } + for (i = 0; i < 8; i++) { +- sprintf(ptr, patterns[checkptr[strlen(text) * 4 + i]]); ++ sprintf(ptr, "%s", patterns[checkptr[strlen(text) * 4 + i]]); + ptr += 2; + } + fprintf(stderr, _("CRC: "));
