aboutsummaryrefslogtreecommitdiff
path: root/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch')
-rw-r--r--debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch30
1 files changed, 30 insertions, 0 deletions
diff --git a/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch b/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
new file mode 100644
index 000000000..1cc44d0d1
--- /dev/null
+++ b/debian/patches/1004-CVE-2013-6462-unlimited-sscanf-overflows-stack-buffe.patch
@@ -0,0 +1,30 @@
+From ac6694378e0ed4bdffa6e1318c9d4beda24a6b0e Mon Sep 17 00:00:00 2001
+From: Mike DePaulo <mikedep333@gmail.com>
+Date: Sun, 8 Feb 2015 20:12:25 -0500
+Subject: [PATCH 04/40] CVE-2013-6462: unlimited sscanf overflows stack buffer
+ in bdfReadCharacters() from xorg/lib/libXfont
+ http://lists.x.org/archives/xorg-announce/2014-January/002389.html
+
+Fixes cppcheck warning:
+ [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
+ scanf without field width limits can crash with huge input data.
+---
+ nx-X11/lib/font/bitmap/bdfread.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/nx-X11/lib/font/bitmap/bdfread.c b/nx-X11/lib/font/bitmap/bdfread.c
+index a6f0c1e..bccabd7 100644
+--- a/nx-X11/lib/font/bitmap/bdfread.c
++++ b/nx-X11/lib/font/bitmap/bdfread.c
+@@ -344,7 +344,7 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
+ char charName[100];
+ int ignore;
+
+- if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
++ if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
+ bdfError("bad character name in BDF file\n");
+ goto BAILOUT; /* bottom of function, free and return error */
+ }
+--
+2.1.4
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-20 22:07:10 +0000