[packages/speech_tools] - fix format string errors - rel 4

baggins baggins at pld-linux.org
Sun May 10 00:59:35 CEST 2015 

commit 30264ad7ba02d149ded78931763ddaf96b493705
Author: Jan Rękorajski <baggins at pld-linux.org>
Date:   Sun May 10 00:59:22 2015 +0200

    - fix format string errors
    - rel 4

 format-security.patch | 22 ++++++++++++++++++++++
 speech_tools.spec     |  4 +++-
 2 files changed, 25 insertions(+), 1 deletion(-)
---
diff --git a/speech_tools.spec b/speech_tools.spec
index 70f24ba..12de5fb 100644
--- a/speech_tools.spec
+++ b/speech_tools.spec
@@ -4,7 +4,7 @@ Summary:	Edinburgh Speech Tools Library
 Summary(pl.UTF-8):	Biblioteka narzędzi mowy Edinburgh
 Name:		speech_tools
 Version:	2.1
-Release:	3
+Release:	4
 License:	distributable
 Group:		Applications/Sound
 # also:		http://www.cstr.ed.ac.uk/download/festival/2.1/%{name}-%{version}-release.tar.gz
@@ -20,6 +20,7 @@ Patch6:		%{name}-gcc44.patch
 Patch7:		%{name}-link.patch
 Patch8:		%{name}-gcc47.patch
 Patch9:		%{name}-pulse.patch
+Patch10:	format-security.patch
 URL:		http://www.cstr.ed.ac.uk/projects/speech_tools/
 BuildRequires:	alsa-lib-devel
 BuildRequires:	autoconf
@@ -90,6 +91,7 @@ Programy użytkowe narzędzi mowy Edinburgh.
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
+%patch10 -p1
 %if "%{_lib}" == "lib64"
 # fix regression output for 64-bit archs (sizeof(ptr)==8 instead of 4).
 %{__sed} -i 's:20 bytes:24 bytes:' testsuite/correct/matrix_regression.out
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..b6ca691
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,22 @@
+--- speech_tools/siod/siodeditline.c~	2004-04-30 18:56:51.000000000 +0200
++++ speech_tools/siod/siodeditline.c	2015-05-10 00:54:43.756487007 +0200
+@@ -151,7 +151,7 @@
+     symbol = el_current_sym();
+     infostring = siod_manual_sym(symbol);
+     putc('\n',stderr);
+-    fprintf(stderr,infostring);
++    fprintf(stderr,"%s",infostring);
+     fflush(stderr);
+     putc('\n',stderr);
+     fflush(stderr);
+--- speech_tools/utils/cmd_line.cc~	2010-11-05 16:10:38.000000000 +0100
++++ speech_tools/utils/cmd_line.cc	2015-05-10 00:56:45.835259085 +0200
+@@ -460,7 +460,7 @@
+     fprintf(stdout,"<cmdsynopsis><command>%s</command>", 
+ 	    (const char *)full.filename());
+ 
+-    fprintf(stdout, (const char *)ts.get_upto_eoln().string());
++    fprintf(stdout, "%s", (const char *)ts.get_upto_eoln().string());
+ 
+     while (!ts.eof())
+     {
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/speech_tools.git/commitdiff/30264ad7ba02d149ded78931763ddaf96b493705

More information about the pld-cvs-commit mailing list