diff options
Diffstat (limited to 'app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch')
| -rw-r--r-- | app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch b/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch new file mode 100644 index 000000000000..7cbc584f5b47 --- /dev/null +++ b/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch @@ -0,0 +1,24 @@ +Description: Fix potential security issue (arbitrary string being passed + as a format string to fprintf). +Author: Andrew Shadura <andrewsh@debian.org> + +--- a/unix/uuenview.c ++++ b/unix/uuenview.c +@@ -310,7 +310,7 @@ SendMkCommand (char **rcptlist, char *to + } + + if ((*rcptlist = (char *) malloc (strlen (towhom) + 16)) == NULL) { +- fprintf (stderr, "error: Out of memory allocating %d bytes\n", ++ fprintf (stderr, "error: Out of memory allocating %zd bytes\n", + strlen (towhom)+16); + _FP_free (command); + return NULL; +@@ -483,7 +483,7 @@ AttachFiles (char *towhom, char *subject + if (_FP_stristr (input, "multipart") != NULL) { + /* it is already a multipart posting. grab the boundary */ + if ((ptr = _FP_stristr (input, "boundary=")) != NULL) { +- fprintf(thepipe, input); ++ fprintf(thepipe, "%s", input); + strcpy (boundary, ParseValue (ptr)); + hadmulti = 1; + } |