fix some format string vulnerabilities, see

http://www.open-security.org/advisories/16
drochner 2006-04-21 11:11:26 +00:00
parent c2ed319717
commit f1ece97c01
4 changed files with 49 additions and 4 deletions

@ -1,9 +1,8 @@
# $NetBSD: Makefile,v 1.24 2006/04/17 13:46:42 wiz Exp $
# $NetBSD: Makefile,v 1.25 2006/04/21 11:11:26 drochner Exp $
#
DISTNAME= xine-ui-0.99.4
#PKGREVISION= 1
PKGREVISION= 1
PKGREVISION= 2
CATEGORIES= multimedia
MASTER_SITES= ${MASTER_SITE_SOURCEFORGE:=xine/}

@ -1,4 +1,4 @@
$NetBSD: distinfo,v 1.10 2006/04/09 14:43:13 hira Exp $
$NetBSD: distinfo,v 1.11 2006/04/21 11:11:26 drochner Exp $
SHA1 (xine-ui-0.99.4.tar.gz) = b982e5697f183559c216f9243b9410d61b9c58aa
RMD160 (xine-ui-0.99.4.tar.gz) = eeead5c6e566ade5505c8fcb924272c74eb4f49a
@ -12,3 +12,5 @@ SHA1 (patch-al) = d00f3ad348450e209d55ba69c1c053fce7d359b3
SHA1 (patch-am) = 57567b2c1f86ef575ff4abcbfaa5f06e3178a056
SHA1 (patch-ao) = 09e83615b88dffbdfeb0b0bad07dcdc60024ba67
SHA1 (patch-ap) = f4f360e5fc8008882f07c649b7ea29ef163c6731
SHA1 (patch-aq) = 212d5c561422e5866cdc05cd39c609b1274aa8b6
SHA1 (patch-ar) = a64614bc76e73a7d0600daee0a72affe2dc6de15

@ -0,0 +1,31 @@
$NetBSD: patch-aq,v 1.1 2006/04/21 11:11:26 drochner Exp $
--- src/xitk/main.c.orig 2006-04-20 11:59:48.000000000 +0200
+++ src/xitk/main.c
@@ -456,7 +456,7 @@ static void print_formatted(char *title,
int len;
char *blanks = " ";
- printf(title);
+ printf("%s", title);
sprintf(buffer, "%s", blanks);
plugin = *plugins++;
@@ -469,7 +469,7 @@ static void print_formatted(char *title,
sprintf(buffer, "%s%s%s", buffer, (strlen(buffer) == strlen(blanks)) ? "" : ", ", plugin);
}
else {
- printf(buffer);
+ printf("%s", buffer);
printf(",\n");
snprintf(buffer, sizeof(buffer), "%s%s", blanks, plugin);
}
@@ -478,7 +478,7 @@ static void print_formatted(char *title,
}
if(strlen(buffer))
- printf(buffer);
+ printf("%s", buffer);
printf(".\n\n");
}
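Review bot: In the second hunk of print_formatted, the context line `sprintf(buffer, "%s%s%s", buffer, ...)` still passes `buffer` as both the destination and a `%s` argument, which C leaves undefined for overlapping objects, and the write is unbounded; the patch only touches the `printf` calls. Appending at the current end with a bound avoids both problems: `size_t used = strlen(buffer);` followed by `snprintf(buffer + used, sizeof(buffer) - used, "%s%s", used == strlen(blanks) ? "" : ", ", plugin);`. The declaration of `buffer` and the condition guarding this branch lie outside the hunk, so whether an overflow is actually reachable with long plugin names cannot be confirmed from here. The xitk.c patch in this commit keeps the same pattern in `sprintf(buffer, "%s%s", buffer, " ]-")` inside xitk_init and would take the same change, assuming `buffer` is an array there as well.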

@ -0,0 +1,13 @@
$NetBSD: patch-ar,v 1.1 2006/04/21 11:11:26 drochner Exp $
--- src/xitk/xine-toolkit/xitk.c.orig 2006-04-21 12:52:41.000000000 +0200
+++ src/xitk/xine-toolkit/xitk.c
@@ -1877,7 +1877,7 @@ void xitk_init(Display *display, XColor
sprintf(buffer, "%s%s", buffer, " ]-");
if(verbosity)
- printf(buffer);
+ printf("%s", buffer);
gXitk->wm_type = xitk_check_wm(display);