Fix a stack-based buffer overflow in kkstrtext.h in ktools library.
(CVE-2005-3863) (Closes: #368402)
Index: orpheus-1.5/kkstrtext-0.1/kkstrtext.h
===================================================================
--- orpheus-1.5.orig/kkstrtext-0.1/kkstrtext.h	2003-12-14 11:51:38.000000000 +0100
+++ orpheus-1.5/kkstrtext-0.1/kkstrtext.h	2006-08-01 21:57:14.000000000 +0200
@@ -87,7 +87,7 @@
     { \
 	va_list vgs__ap; char vgs__buf[1024]; \
 	va_start(vgs__ap, fmt); \
-	vsprintf(vgs__buf, fmt, vgs__ap); c = vgs__buf; \
+	vsnprintf(vgs__buf, 1024, fmt, vgs__ap); c = vgs__buf; \
 	va_end(vgs__ap); \
     }
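Review bot: The bound on the added `vsnprintf` line repeats the literal 1024 instead of deriving it from the `vgs__buf` declaration two lines above, so a later change to the buffer size would silently bring the overflow back; `vsnprintf(vgs__buf, sizeof vgs__buf, fmt, vgs__ap); c = vgs__buf; \` keeps the two tied together. The return value is also discarded, so formatted output that does not fit is truncated without any signal to the caller. If the result is ever used as a path, command or protocol field, a truncated value may be worth detecting by comparing the return value with `sizeof vgs__buf`. The macro definition begins outside this hunk, so what `c` is and how callers use it is not visible here.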