Diffstat (limited to 'debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch')
-rw-r--r--debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch25
1 files changed, 0 insertions, 25 deletions
diff --git a/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch b/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch
deleted file mode 100644
index 4147b463e..000000000
--- a/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-.full.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From ac6694378e0ed4bdffa6e1318c9d4beda24a6b0e Mon Sep 17 00:00:00 2001
-From: Mike DePaulo <mikedep333@gmail.com>
-Date: Sun, 8 Feb 2015 20:12:25 -0500
-Subject: [PATCH 04/40] CVE-2013-6462: unlimited sscanf overflows stack buffer
- in bdfReadCharacters() from xorg/lib/libXfont
- http://lists.x.org/archives/xorg-announce/2014-January/002389.html
-
-Fixes cppcheck warning:
- [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
- scanf without field width limits can crash with huge input data.
----
- nx-X11/lib/font/bitmap/bdfread.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
---- a/nx-X11/lib/font/bitmap/bdfread.c
-+++ b/nx-X11/lib/font/bitmap/bdfread.c
-@@ -344,7 +344,7 @@ bdfReadCharacters(FontFilePtr file, Font
- char charName[100];
- int ignore;
-
-- if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
-+ if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
- bdfError("bad character name in BDF file\n");
- goto BAILOUT; /* bottom of function, free and return error */
- }