SOURCES: unzip-cve-2005-4667.patch (NEW) - security fix: CVE-2005-...
psz
psz at pld-linux.org
Sat Feb 18 00:33:54 CET 2006
Author: psz Date: Fri Feb 17 23:33:54 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- security fix: CVE-2005-4667
- rel 3; STBR
---- Files affected:
SOURCES:
unzip-cve-2005-4667.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/unzip-cve-2005-4667.patch
diff -u /dev/null SOURCES/unzip-cve-2005-4667.patch:1.1
--- /dev/null Sat Feb 18 00:33:54 2006
+++ SOURCES/unzip-cve-2005-4667.patch Sat Feb 18 00:33:49 2006
@@ -0,0 +1,24 @@
+--- unzip-5.52.orig/unzpriv.h 2006-02-18 00:17:52.000000000 +0100
++++ unzip-5.52/unzpriv.h 2006-02-18 00:01:42.000000000 +0100
+@@ -2274,17 +2274,18 @@
+ * (char *)(sprintf sprf_arg, (buf))) == EOF)
+ */
+ #ifndef Info /* may already have been defined for redirection */
++# define wsizesnprintf(buf, ...) snprintf (buf, WSIZE-1, __VA_ARGS__)
+ # ifdef FUNZIP
+ # define Info(buf,flag,sprf_arg) \
+- fprintf((flag)&1? stderr : stdout, (char *)(sprintf sprf_arg, (buf)))
++ fputs((char *)(wsizesnprintf sprf_arg, (buf)), (flag)&1? stderr : stdout)
+ # else
+ # ifdef INT_SPRINTF /* optimized version for "int sprintf()" flavour */
+ # define Info(buf,flag,sprf_arg) \
+- (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)sprintf sprf_arg, (flag))
++ (*G.message)((zvoid *)&G, (uch *)(buf), (ulg)wsizesnprintf sprf_arg, (flag))
+ # else /* generic version, does not use sprintf() return value */
+ # define Info(buf,flag,sprf_arg) \
+ (*G.message)((zvoid *)&G, (uch *)(buf), \
+- (ulg)(sprintf sprf_arg, strlen((char *)(buf))), (flag))
++ (ulg)(wsizesnprintf sprf_arg, strlen((char *)(buf))), (flag))
+ # endif
+ # endif
+ #endif /* !Info */
================================================================
More information about the pld-cvs-commit
mailing list