plib: fix CVE-2012-4552 (close #12195)
patch source: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=694810#10
This commit is contained in:
parent
4f4eebbded
commit
90b853b706
55
pkgs/development/libraries/plib/CVE-2012-4552.patch
Normal file
55
pkgs/development/libraries/plib/CVE-2012-4552.patch
Normal file
@ -0,0 +1,55 @@
|
||||
diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
|
||||
--- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100
|
||||
+++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100
|
||||
@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
|
||||
char msgbuff[ 255 ];
|
||||
va_list argp;
|
||||
|
||||
- char* msgptr = msgbuff;
|
||||
- if (linenum)
|
||||
- {
|
||||
- msgptr += sprintf ( msgptr,"%s, line %d: ",
|
||||
- path, linenum );
|
||||
- }
|
||||
-
|
||||
va_start( argp, format );
|
||||
- vsprintf( msgptr, format, argp );
|
||||
+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
|
||||
va_end( argp );
|
||||
|
||||
- ulSetError ( UL_WARNING, "%s", msgbuff ) ;
|
||||
+ if (linenum)
|
||||
+ {
|
||||
+ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
|
||||
+ } else {
|
||||
+ ulSetError ( UL_WARNING, "%s", msgbuff ) ;
|
||||
+ }
|
||||
}
|
||||
|
||||
|
||||
@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
|
||||
char msgbuff[ 255 ];
|
||||
va_list argp;
|
||||
|
||||
- char* msgptr = msgbuff;
|
||||
- if (linenum)
|
||||
- {
|
||||
- msgptr += sprintf ( msgptr,"%s, line %d: ",
|
||||
- path, linenum );
|
||||
- }
|
||||
-
|
||||
va_start( argp, format );
|
||||
- vsprintf( msgptr, format, argp );
|
||||
+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
|
||||
va_end( argp );
|
||||
|
||||
- ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
|
||||
+ if (linenum)
|
||||
+ {
|
||||
+ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
|
||||
+ } else {
|
||||
+ ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
|
||||
+ }
|
||||
}
|
||||
|
||||
// Opens the file and does a few internal calculations based on the spec.
|
@ -11,6 +11,8 @@ stdenv.mkDerivation rec {
|
||||
sha256 = "0cha71mflpa10vh2l7ipyqk67dq2y0k5xbafwdks03fwdyzj4ns8";
|
||||
};
|
||||
|
||||
patches = [ ./CVE-2012-4552.patch ];
|
||||
|
||||
NIX_CFLAGS_COMPILE = if enablePIC then "-fPIC" else "";
|
||||
|
||||
propagatedBuildInputs = [
|
||||
|
Loading…
Reference in New Issue
Block a user