1 https://sources.debian.org/data/main/p/plib/1.8.5-8/debian/patches/05_CVE-2012-4552.diff
3 diff -up plib-1.8.5/src/ssg/ssgParser.cxx~ plib-1.8.5/src/ssg/ssgParser.cxx
4 --- plib-1.8.5/src/ssg/ssgParser.cxx~ 2008-03-11 03:06:23.000000000 +0100
5 +++ plib-1.8.5/src/ssg/ssgParser.cxx 2012-11-01 15:33:12.424483374 +0100
6 @@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
10 - char* msgptr = msgbuff;
13 - msgptr += sprintf ( msgptr,"%s, line %d: ",
17 va_start( argp, format );
18 - vsprintf( msgptr, format, argp );
19 + vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
22 - ulSetError ( UL_WARNING, "%s", msgbuff ) ;
25 + ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
27 + ulSetError ( UL_WARNING, "%s", msgbuff ) ;
32 @@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
36 - char* msgptr = msgbuff;
39 - msgptr += sprintf ( msgptr,"%s, line %d: ",
43 va_start( argp, format );
44 - vsprintf( msgptr, format, argp );
45 + vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
48 - ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
51 + ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
53 + ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
57 // Opens the file and does a few internal calculations based on the spec.