diff options
author | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
---|---|---|
committer | Mihai Moldovan <ionic@ionic.de> | 2017-12-15 12:55:17 +0100 |
commit | 1dad092caf01d733990648e6df64cbf964df5143 (patch) | |
tree | 39de0e643e76754a3e23ca9dd0350b8ba4f76250 /debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch | |
parent | 6d70b9e3c47f27a166f4aacb522c5c1e49092dd9 (diff) | |
parent | 2b9025f797ee322e21077e100c2ee27c2e7fa0e0 (diff) | |
download | nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.gz nx-libs-1dad092caf01d733990648e6df64cbf964df5143.tar.bz2 nx-libs-1dad092caf01d733990648e6df64cbf964df5143.zip |
Merge branch '3.6.x'
Diffstat (limited to 'debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch')
-rw-r--r-- | debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch | 25 |
1 files changed, 0 insertions, 25 deletions
diff --git a/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch b/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch deleted file mode 100644 index 4147b463e..000000000 --- a/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch +++ /dev/null @@ -1,25 +0,0 @@ -From ac6694378e0ed4bdffa6e1318c9d4beda24a6b0e Mon Sep 17 00:00:00 2001 -From: Mike DePaulo <mikedep333@gmail.com> -Date: Sun, 8 Feb 2015 20:12:25 -0500 -Subject: [PATCH 04/40] CVE-2013-6462: unlimited sscanf overflows stack buffer - in bdfReadCharacters() from xorg/lib/libXfont - http://lists.x.org/archives/xorg-announce/2014-January/002389.html - -Fixes cppcheck warning: - [lib/libXfont/src/bitmap/bdfread.c:341]: (warning) - scanf without field width limits can crash with huge input data. ---- - nx-X11/lib/font/bitmap/bdfread.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/nx-X11/lib/font/bitmap/bdfread.c -+++ b/nx-X11/lib/font/bitmap/bdfread.c -@@ -344,7 +344,7 @@ bdfReadCharacters(FontFilePtr file, Font - char charName[100]; - int ignore; - -- if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) { -+ if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) { - bdfError("bad character name in BDF file\n"); - goto BAILOUT; /* bottom of function, free and return error */ - } |