[jackhill/guix/guix.git] / gnu / packages / patches / plib-CVE-2012-4552.patch

https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/05_CVE-2012-4552.diff

diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
--- plib-1.8.5/src/ssg/ssgParser.cxx~	2008-03-11 03:06:23.000000000 +0100
+++ plib-1.8.5/src/ssg/ssgParser.cxx	2012-11-01 15:33:12.424483374 +0100
@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
   char msgbuff[ 255 ];
   va_list argp;
 
-  char* msgptr = msgbuff;
-  if (linenum)
-  {
-    msgptr += sprintf ( msgptr,"%s, line %d: ",
-      path, linenum );
-  }
-
   va_start( argp, format );
-  vsprintf( msgptr, format, argp );
+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
   va_end( argp );
 
-  ulSetError ( UL_WARNING, "%s", msgbuff ) ;
+  if (linenum)
+  {
+    ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
+  } else {
+    ulSetError ( UL_WARNING, "%s", msgbuff ) ;
+  }
 }
 
 
@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
   char msgbuff[ 255 ];
   va_list argp;
 
-  char* msgptr = msgbuff;
-  if (linenum)
-  {
-    msgptr += sprintf ( msgptr,"%s, line %d: ",
-      path, linenum );
-  }
-
   va_start( argp, format );
-  vsprintf( msgptr, format, argp );
+  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
   va_end( argp );
 
-  ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
+  if (linenum)
+  {
+    ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
+  } else {
+    ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
+  }
 }
 
 // Opens the file and does a few internal calculations based on the spec.
Commit	Line	Data
05f386f1 EF	1	https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/05_CVE-2012-4552.diff
	2
	3	diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
	4	--- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100
	5	+++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100
	6	@@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
	7	char msgbuff[ 255 ];
	8	va_list argp;
	9
	10	- char* msgptr = msgbuff;
	11	- if (linenum)
	12	- {
	13	- msgptr += sprintf ( msgptr,"%s, line %d: ",
	14	- path, linenum );
	15	- }
	16	-
	17	va_start( argp, format );
	18	- vsprintf( msgptr, format, argp );
	19	+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
	20	va_end( argp );
	21
	22	- ulSetError ( UL_WARNING, "%s", msgbuff ) ;
	23	+ if (linenum)
	24	+ {
	25	+ ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
	26	+ } else {
	27	+ ulSetError ( UL_WARNING, "%s", msgbuff ) ;
	28	+ }
	29	}
	30
	31
	32	@@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
	33	char msgbuff[ 255 ];
	34	va_list argp;
	35
	36	- char* msgptr = msgbuff;
	37	- if (linenum)
	38	- {
	39	- msgptr += sprintf ( msgptr,"%s, line %d: ",
	40	- path, linenum );
	41	- }
	42	-
	43	va_start( argp, format );
	44	- vsprintf( msgptr, format, argp );
	45	+ vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
	46	va_end( argp );
	47
	48	- ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
	49	+ if (linenum)
	50	+ {
	51	+ ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
	52	+ } else {
	53	+ ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
	54	+ }
	55	}
	56
	57	// Opens the file and does a few internal calculations based on the spec.