3
5
Fork 0
mirror of git://git.savannah.gnu.org/guix.git synced 2023-12-14 03:33:07 +01:00
guix/gnu/packages/patches/a2ps-CVE-2015-8107.patch
Efraim Flashner 841bddb4b4
gnu: a2ps: Fix CVE-2015-8107.
* gnu/packages/pretty-print.scm (a2ps)[source]: Add patch.
* gnu/packages/patches/a2ps-CVE-2015-8107.patch: New file.
* gnu/local.mk (dist_patch_DATA): Register it.
2019-07-10 12:47:47 +03:00

80 lines
2 KiB
Diff

https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
Index: b/lib/psgen.c
===================================================================
--- a/lib/psgen.c
+++ b/lib/psgen.c
@@ -232,7 +232,7 @@
default:
*buf = '\0';
ps_escape_char (job, cp[i], buf);
- output (jdiv, (char *) buf);
+ output (jdiv, "%s", (char *) buf);
break;
}
}
Index: b/lib/output.c
===================================================================
--- a/lib/output.c
+++ b/lib/output.c
@@ -525,7 +525,7 @@
expand_user_string (job, FIRST_FILE (job),
(const uchar *) "Expand: requirement",
(const uchar *) token));
- output (dest, expansion);
+ output (dest, "%s", expansion);
continue;
}
Index: b/lib/parseppd.y
===================================================================
--- a/lib/parseppd.y
+++ b/lib/parseppd.y
@@ -154,7 +154,7 @@
void
yyerror (const char *msg)
{
- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
}
/*
Index: b/src/parsessh.y
===================================================================
--- a/src/parsessh.y
+++ b/src/parsessh.y
@@ -740,7 +740,7 @@
void
yyerror (const char *msg)
{
- error_at_line (1, 0, sshfilename, sshlineno, msg);
+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
}
/*
Index: b/lib/parseppd.c
===================================================================
--- a/lib/parseppd.c
+++ b/lib/parseppd.c
@@ -1707,7 +1707,7 @@
void
yyerror (const char *msg)
{
- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
+ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
}
/*
Index: b/src/parsessh.c
===================================================================
--- a/src/parsessh.c
+++ b/src/parsessh.c
@@ -2639,7 +2639,7 @@
void
yyerror (const char *msg)
{
- error_at_line (1, 0, sshfilename, sshlineno, msg);
+ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
}
/*