Archives
Archives
| From: | "Ulrich Mueller (ulm)" <ulm@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo commit in src/patchsets/openmotif/2.2.3: 16_all_mrm_buffer_overflow.patch |
| Date: | Sat, 09 Oct 2010 14:04:20 |
| Message-Id: | 20101009140337.DA9452004C@flycatcher.gentoo.org |
| 1 | ulm 10/10/09 14:03:37 |
| 2 | |
| 3 | Added: 16_all_mrm_buffer_overflow.patch |
| 4 | Log: |
| 5 | Fix buffer overflow in libmrm, bug 340249. |
| 6 | |
| 7 | Revision Changes Path |
| 8 | 1.1 src/patchsets/openmotif/2.2.3/16_all_mrm_buffer_overflow.patch |
| 9 | |
| 10 | file : http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/openmotif/2.2.3/16_all_mrm_buffer_overflow.patch?rev=1.1&view=markup |
| 11 | plain: http://sources.gentoo.org/viewvc.cgi/gentoo/src/patchsets/openmotif/2.2.3/16_all_mrm_buffer_overflow.patch?rev=1.1&content-type=text/plain |
| 12 | |
| 13 | Index: 16_all_mrm_buffer_overflow.patch |
| 14 | =================================================================== |
| 15 | http://bugs.gentoo.org/340249 |
| 16 | Patch backported from openmotif-2.3.3 |
| 17 | |
| 18 | --- openMotif-2.2.3-orig/lib/Mrm/MrmIheader.c |
| 19 | +++ openMotif-2.2.3/lib/Mrm/MrmIheader.c |
| 20 | @@ -228,9 +228,10 @@ |
| 21 | |
| 22 | { |
| 23 | /* sscanf() may call ungetc(), which would write the XmConst string. */ |
| 24 | - char buf[XtNumber(idb__database_version) + 1]; |
| 25 | + char *buf = XtMalloc(strlen(idb__database_version) + 1); |
| 26 | strcpy(buf, idb__database_version); |
| 27 | sscanf(buf, "URM %d.%d", &db_major, &db_minor); |
| 28 | + XtFree(buf); |
| 29 | } |
| 30 | |
| 31 | if ((file_major > db_major) || |