packages: xv/xv.spec, xv/xv-buffer_overflows.patch (NEW)=?UTF-8?Q?=20?=- fixed segfault c...

[adwol]

Author: adwol                        Date: Mon Jul  2 12:21:14 2012 GMT
Module: packages                      Tag: HEAD
---- Log message:
- fixed segfault caused by buffer overflow (one of many, many...)

---- Files affected:
packages/xv:
   xv.spec (1.49 -> 1.50) , xv-buffer_overflows.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: packages/xv/xv.spec
diff -u packages/xv/xv.spec:1.49 packages/xv/xv.spec:1.50
--- packages/xv/xv.spec:1.49	Thu Feb  9 19:55:09 2012
+++ packages/xv/xv.spec	Mon Jul  2 14:21:09 2012
@@ -10,7 +10,7 @@
 Summary(uk.UTF-8):	Програма для перегляду та перетворення файлів зображень для X
 Name:		xv
 Version:	3.10a
-Release:	37
+Release:	38
 License:	Shareware
 Group:		X11/Applications/Graphics
 Source0:	ftp://ftp.cis.upenn.edu/pub/xv/%{name}-%{version}.tar.gz
@@ -29,6 +29,7 @@
 #from http://www.gregroelofs.com/code/%{name}-3.10a-enhancements.20070520-20081216.diff
 Patch1:		%{name}-3.10a-enhancements.20070520-20081216.diff
 Patch2:		%{name}-libpng-1.5.patch
+Patch3:		%{name}-buffer_overflows.patch
 URL:		http://www.trilon.com/xv/xv.html
 BuildRequires:	jasper-devel
 BuildRequires:	libjpeg-devel
@@ -108,6 +109,7 @@
 %patch0 -p1
 %patch1 -p1
 %patch2 -p0
+%patch3 -p1
 
 %build
 %{__make} \
@@ -153,6 +155,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.50  2012/07/02 12:21:09  adwol
+- fixed segfault caused by buffer overflow (one of many, many...)
+
 Revision 1.49  2012/02/09 18:55:09  baggins
 - rel 37
 - fix building with libpng 1.5, from openbsd

================================================================
Index: packages/xv/xv-buffer_overflows.patch
diff -u /dev/null packages/xv/xv-buffer_overflows.patch:1.1
--- /dev/null	Mon Jul  2 14:21:14 2012
+++ packages/xv/xv-buffer_overflows.patch	Mon Jul  2 14:21:09 2012
@@ -0,0 +1,39 @@
+diff -ruNp xv-3.10a.orig/xvtext.c xv-3.10a/xvtext.c
+--- xv-3.10a.orig/xvtext.c	2012-07-02 14:12:18.729232321 +0200
++++ xv-3.10a/xvtext.c	2012-07-02 14:14:09.245684311 +0200
+@@ -53,7 +53,7 @@
+ #  define TV_J_NBUTTS 8
+ #endif
+ 
+-#define TITLELEN 128
++#define TITLELEN 270
+ 
+ #ifdef TV_MULTILINGUAL
+ struct coding_spec {
+@@ -385,7 +385,7 @@ int TextView(fname)
+ 
+   int   filetype;
+   long  textlen;
+-  char *text, buf[512], title[128], rfname[MAXPATHLEN+1];
++  char *text, buf[512], title[TITLELEN], rfname[MAXPATHLEN+1];
+   char *basefname[128];  /* just current fname, no path */
+   FILE *fp;
+   char filename[MAXPATHLEN+1];
+@@ -453,7 +453,7 @@ int TextView(fname)
+ 
+   fclose(fp);
+ 
+-  sprintf(title, "File: '%s'", BaseName(fname));
++  snprintf(title, TITLELEN, "File: '%s'", BaseName(fname));
+   OpenTextView(text, (int) textlen, title, 1);
+ 
+   /* note:  text gets freed when window gets closed */
+@@ -545,7 +545,7 @@ void ChangeCommentText()
+   tv->freeonclose = 0;
+ 
+   if (strlen(fullfname))
+-    sprintf(tv->title, "File: '%s'", BaseName(fullfname));
++    snprintf(tv->title, TITLELEN, "File: '%s'", BaseName(fullfname));
+   else
+     sprintf(tv->title, "<no file loaded>");
+ 
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/packages/xv/xv.spec?r1=1.49&r2=1.50