File bnc619562_CVE-2010-2527.diff of Package ft2demos
From b995299b73ba4cd259f221f500d4e63095508bec Mon Sep 17 00:00:00 2001
From: Werner Lemberg <wl@gnu.org>
Date: Mon, 07 Jun 2010 07:13:41 +0000
Subject: Fix Savannah bug #30054.
* src/ftdiff.c, src/ftgrid.c, src/ftmulti.c, src/ftstring.c, src/ftview.c: Use precision for `%s' where appropriate to avoid buffer overflows.
diff --git a/src/ftmulti.c b/src/ftmulti.c
index 15133d4..bb030fb 100644
--- a/src/ftmulti.c
+++ b/src/ftmulti.c
@@ -2,7 +2,7 @@
 /* */
 /* The FreeType project -- a free and portable quality TrueType renderer. */
 /* */
-/* Copyright 1996-2000, 2003, 2004, 2005 by */
+/* Copyright 1996-2000, 2003, 2004, 2005, 2010 by */
 /* D. Turner, R.Wilhelm, and W. Lemberg */
 /* */
 /* */
@@ -34,7 +34,7 @@
 #define MAXPTSIZE 500 /* dtp */
- char Header[128];
+ char Header[256];
 char* new_header = 0;
 const unsigned char* Text = (unsigned char*)
@@ -795,7 +795,7 @@
 Render_All( Num, ptsize );
 }
- sprintf( Header, "%s %s (file %s)",
+ sprintf( Header, "%.50s %.50s (file %.100s)",
 face->family_name, face->style_name, ft_basename( argv[file] ) );
@@ -830,7 +830,7 @@
 }
 else
 {
- sprintf( Header, "%s: not an MM font file, or could not be opened",
+ sprintf( Header, "%.100s: not an MM font file, or could not be opened",
 ft_basename( argv[file] ) );
 }
diff --git a/src/ftstring.c b/src/ftstring.c
index f567596..ffa7f45 100644
--- a/src/ftstring.c
+++ b/src/ftstring.c
@@ -2,7 +2,7 @@
 /* */
 /* The FreeType project -- a free and portable quality TrueType renderer. */
 /* */
-/* Copyright 1996-2002, 2003, 2004, 2005, 2006, 2007, 2009 by */
+/* Copyright 1996-2002, 2003, 2004, 2005, 2006, 2007, 2009, 2010 by */
 /* D. Turner, R.Wilhelm, and W. Lemberg */
 /* */
 /* */
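Review bot: The new size of `Header` is tied to the `%.50s`/`%.100s` precisions in the two `sprintf` calls further down (the hunks at -795 and -830) only by hand arithmetic, and nothing enforces it if either side is edited later. The longest result of `"%.50s %.50s (file %.100s)"` is 209 characters plus the terminator, which fits in 256 but would not have fitted in the old 128. Where the toolchains these demos target provide it, passing the size at the call site keeps the bound next to the write: `snprintf( Header, sizeof ( Header ), "%.50s %.50s (file %.100s)",` with the arguments unchanged. If `sprintf` has to stay, a comment at the declaration such as `/* must hold 50 + 50 + 100 characters plus the fixed text of the longest format */` would document the dependency.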
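Review bot: `face->family_name` and `face->style_name` are passed to `%.50s` without a null check in the `sprintf( Header, ... )` call of the -795 hunk, and FreeType documents both fields as possibly NULL for faces that carry no names. A null pointer for a `%s` conversion is undefined behaviour regardless of the precision, so a font file can still reach a fault here after this change. A guard such as `face->family_name ? face->family_name : "(null)"` (and the same for `style_name`) would close that; the same pattern appears in the `FT_Err_Ok` branches of the ftstring.c, ftview.c and ftgrid.c hunks. The enclosing function starts and ends outside the hunk, so an earlier check may exist that is not visible here.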
@@ -413,19 +413,20 @@
 switch ( error_code )
 {
 case FT_Err_Ok:
- sprintf( status.header_buffer, "%s %s (file `%s')", face->family_name,
+ sprintf( status.header_buffer,
+ "%.50s %.50s (file `%.100s')", face->family_name,
 face->style_name, basename );
 break;
 case FT_Err_Invalid_Pixel_Size:
- sprintf( status.header_buffer, "Invalid pixel size (file `%s')",
+ sprintf( status.header_buffer, "Invalid pixel size (file `%.100s')",
 basename );
 break;
 case FT_Err_Invalid_PPem:
- sprintf( status.header_buffer, "Invalid ppem value (file `%s')",
+ sprintf( status.header_buffer, "Invalid ppem value (file `%.100s')",
 basename );
 break;
 default:
- sprintf( status.header_buffer, "File `%s': error 0x%04x", basename,
+ sprintf( status.header_buffer, "File `%.100s': error 0x%04x", basename,
 (FT_UShort)error_code );
 break;
 }
--- ft2demos-2.3.9/src/ftview.c.orig 2009-03-04 00:06:59.000000000 +0100
+++ ft2demos-2.3.9/src/ftview.c 2010-08-11 20:13:06.266668844 +0200
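Review bot: The declared size of `status.header_buffer` is not visible in this hunk, and the added precisions only prevent an overflow if the buffer holds the longest case. The `FT_Err_Ok` format (two `%.50s`, one `%.100s`, plus the fixed text) can produce 211 characters plus the terminator. If `header_buffer` is an array member, `snprintf( status.header_buffer, sizeof ( status.header_buffer ), ...` in each of the four branches would make the bound independent of the format strings; otherwise a comment at the declaration stating the minimum size would help. The identical switch in the ftview.c and ftgrid.c hunks has the same dependency, and the switch sits in a function whose start and end lie outside the hunk.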
@@ -970,18 +970,20 @@ Next:
 switch ( error_code )
 {
 case FT_Err_Ok:
- sprintf( status.header_buffer, "%s %s (file `%s')", face->family_name,
- face->style_name, basename );
+ sprintf( status.header_buffer, "%.50s %.50s (file `%.100s')",
+ face->family_name, face->style_name, basename );
 break;
 case FT_Err_Invalid_Pixel_Size:
- sprintf( status.header_buffer, "Invalid pixel size (file `%s')", basename );
+ sprintf( status.header_buffer, "Invalid pixel size (file `%.100s')",
+ basename );
 break;
 case FT_Err_Invalid_PPem:
- sprintf( status.header_buffer, "Invalid ppem value (file `%s')", basename );
+ sprintf( status.header_buffer, "Invalid ppem value (file `%.100s')",
+ basename );
 break;
 default:
- sprintf( status.header_buffer, "File `%s': error 0x%04x", basename,
- (FT_UShort)error_code );
+ sprintf( status.header_buffer, "File `%.100s': error 0x%04x",
+ basename, (FT_UShort)error_code );
 break;
 }
--- ft2demos-2.3.9/src/ftdiff.c.orig 2009-01-07 09:16:41.000000000 +0100
+++ ft2demos-2.3.9/src/ftdiff.c 2010-08-11 20:10:43.089794239 +0200
@@ -1054,11 +1054,11 @@
 state->message = state->message0;
 if ( total > 1 )
- sprintf( state->message0, "%s %d/%d @ %5.1fpt",
+ sprintf( state->message0, "%.100s %d/%d @ %5.1fpt",
 state->filename, idx + 1, total, state->char_size );
 else
- sprintf( state->message0, "%.100s @ %5.1fpt",
 state->filename, state->char_size );
 }
--- ft2demos-2.3.9/src/ftgrid.c.orig 2009-03-11 06:42:57.000000000 +0100
+++ ft2demos-2.3.9/src/ftgrid.c 2010-08-11 20:10:43.090794072 +0200
@@ -2,7 +2,7 @@
 /* */
 /* The FreeType project -- a free and portable quality TrueType renderer. */
 /* */
-/* Copyright 1996-2000, 2003, 2004, 2005, 2006, 2007, 2009 by */
+/* Copyright 1996-2000, 2003, 2004, 2005, 2006, 2007, 2009, 2010 by */
 /* D. Turner, R.Wilhelm, and W. Lemberg */
 /* */
 /* */
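Review bot: Only the `%.100s` conversion is bounded in the two `sprintf( state->message0, ... )` calls of the ftdiff.c hunk; `%d` has no upper bound and the 5 in `%5.1f` is a minimum width, so the total length still depends on `idx`, `total` and `state->char_size`. The size of `message0` is not visible in the hunk, and if `char_size` is a floating-point value that the user can set (inferred, not shown), `%5.1f` can expand to far more than five characters. Assuming `message0` is an array, `snprintf( state->message0, sizeof ( state->message0 ), "%.100s %d/%d @ %5.1fpt",` and the matching change in the `else` branch would bound the whole string rather than one field. The enclosing function starts outside the hunk.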
@@ -786,22 +786,22 @@ grid_status_draw_outline( GridStatus
 switch ( error_code )
 {
 case FT_Err_Ok:
- sprintf( status.header_buffer, "%s %s (file `%s')",
+ sprintf( status.header_buffer, "%.50s %.50s (file `%.100s')",
 face->family_name, face->style_name, basename );
 break;
 case FT_Err_Invalid_Pixel_Size:
- sprintf( status.header_buffer, "Invalid pixel size (file `%s')",
+ sprintf( status.header_buffer, "Invalid pixel size (file `%.100s')",
 basename );
 break;
 case FT_Err_Invalid_PPem:
- sprintf( status.header_buffer, "Invalid ppem value (file `%s')",
+ sprintf( status.header_buffer, "Invalid ppem value (file `%.100s')",
 basename );
 break;
 default:
- sprintf( status.header_buffer, "File `%s': error 0x%04x",
+ sprintf( status.header_buffer, "File `%.100s': error 0x%04x",
 basename, (FT_UShort)error_code );
 break;
 }