https://bugzilla.redhat.com/show_bug.cgi?id=659676 to fix a possible buffer overflow (CVE-2010-4262); bump PKGREVISION
$NetBSD: patch-aq,v 1.1 2011/01/19 19:31:05 drochner Exp $
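--- w_msgpanel.c.orig 2009-03-30 15:52:41.000000000 +0000
+++ w_msgpanel.c
@@ -60,7 +60,7 @@ DeclareStaticArgs(12);
 /* for the popup message (file_msg) window */
 
 static int file_msg_length=0;
-static char tmpstr[300];
+static char tmpstr[512];
 static Widget file_msg_panel,
 file_msg_win, file_msg_dismiss;
 
@@ -582,8 +582,8 @@ file_msg(char *format,...)
 }
 
 va_start(ap, format);
- /* format the string */
- vsprintf(tmpstr, format, ap);
+ /* format the string (but leave room for \n and \0) */
+ vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap);
 va_end(ap);
 
 strcat(tmpstr,"\n");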
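Review bot: The return value of `vsnprintf` in the second hunk (`file_msg`) is discarded, so an over-long message is truncated silently and, if the call fails with a negative return, `tmpstr` is left in an unspecified state before `strcat` appends to it. With an `int n` local, capture it as `n = vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap);` and reset the buffer on error with `if (n < 0) tmpstr[0] = '\0';`. The bound itself is sound: at most `sizeof(tmpstr)-3` characters plus the terminator are written, which leaves room for the `\n`. The protection comes from that bound rather than from growing `tmpstr` from 300 to 512 in the first hunk, so the size would read better as a named constant with a comment saying it is not a safety margin. `file_msg` starts and ends outside the hunk, so how later code uses `tmpstr` and `file_msg_length` cannot be checked from here.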