Commit | Line | Data |
---|---|---|
05f386f1 EF |
1 | https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/05_CVE-2012-4552.diff |
2 | ||
3 | diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx | |
4 | --- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100 | |
5 | +++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100 | |
6 | @@ -57,18 +57,16 @@ void _ssgParser::error( const char *form | |
7 | char msgbuff[ 255 ]; | |
8 | va_list argp; | |
9 | ||
10 | - char* msgptr = msgbuff; | |
11 | - if (linenum) | |
12 | - { | |
13 | - msgptr += sprintf ( msgptr,"%s, line %d: ", | |
14 | - path, linenum ); | |
15 | - } | |
16 | - | |
17 | va_start( argp, format ); | |
18 | - vsprintf( msgptr, format, argp ); | |
19 | + vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); | |
20 | va_end( argp ); | |
21 | ||
22 | - ulSetError ( UL_WARNING, "%s", msgbuff ) ; | |
23 | + if (linenum) | |
24 | + { | |
25 | + ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ; | |
26 | + } else { | |
27 | + ulSetError ( UL_WARNING, "%s", msgbuff ) ; | |
28 | + } | |
29 | } | |
30 | ||
31 | ||
32 | @@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo | |
33 | char msgbuff[ 255 ]; | |
34 | va_list argp; | |
35 | ||
36 | - char* msgptr = msgbuff; | |
37 | - if (linenum) | |
38 | - { | |
39 | - msgptr += sprintf ( msgptr,"%s, line %d: ", | |
40 | - path, linenum ); | |
41 | - } | |
42 | - | |
43 | va_start( argp, format ); | |
44 | - vsprintf( msgptr, format, argp ); | |
45 | + vsnprintf( msgbuff, sizeof(msgbuff), format, argp ); | |
46 | va_end( argp ); | |
47 | ||
48 | - ulSetError ( UL_DEBUG, "%s", msgbuff ) ; | |
49 | + if (linenum) | |
50 | + { | |
51 | + ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ; | |
52 | + } else { | |
53 | + ulSetError ( UL_DEBUG, "%s", msgbuff ) ; | |
54 | + } | |
55 | } | |
56 | ||
57 | // Opens the file and does a few internal calculations based on the spec. |