From 1c038fd0033fc8ba7dcc6b306ce218640365ffbb Mon Sep 17 00:00:00 2001
From: Mike DePaulo
Date: Sat, 5 Apr 2014 12:03:22 -0400
Subject: Fix CVE-2013-6462 (2014-01-07). The fix is included in upstream libXfont 1.4.7 .
---
 libXfont/src/bitmap/bdfread.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libXfont/src/bitmap/bdfread.c b/libXfont/src/bitmap/bdfread.c
index e2770dc1c..e11c5d266 100644
--- a/libXfont/src/bitmap/bdfread.c
+++ b/libXfont/src/bitmap/bdfread.c
@@ -338,7 +338,7 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
 char charName[100];
 int ignore;
- if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
+ if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
 bdfError("bad character name in BDF file\n");
 goto BAILOUT; /* bottom of function, free and return error */
 }
-- 
cgit v1.2.3
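Review bot: The field width `99` in the new `sscanf` format is right for `char charName[100]`, but it is a second hard-coded copy of the buffer size, so a later edit to the declaration could silently reintroduce the stack overflow this commit closes. I would couple the two, at minimum with a comment above the call such as `/* width must equal sizeof(charName) - 1 */`, or by deriving both the array size and the width from one named constant. A STARTCHAR name longer than 99 bytes is now truncated and still accepted, because `sscanf` still returns 1; since the font file is untrusted input, a comment should state whether truncation rather than rejection is the intended handling. bdfReadCharacters begins and ends outside this hunk, so any other unbounded `%s` conversions in it are not visible here and deserve the same check.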