SOURCES: openmotif-CVE-2005-3964.patch (NEW) - new

[adamg]

Author: adamg                        Date: Wed Dec 28 18:21:43 2005 GMT
Module: SOURCES                       Tag: HEAD
---- Log message:
- new

---- Files affected:
SOURCES:
   openmotif-CVE-2005-3964.patch (NONE -> 1.1)  (NEW)

---- Diffs:

================================================================
Index: SOURCES/openmotif-CVE-2005-3964.patch
diff -u /dev/null SOURCES/openmotif-CVE-2005-3964.patch:1.1
--- /dev/null	Wed Dec 28 19:21:43 2005
+++ SOURCES/openmotif-CVE-2005-3964.patch	Wed Dec 28 19:21:38 2005
@@ -0,0 +1,29 @@
+--- openMotif-2.2.3/clients/uil/UilDiags.c	2002-01-10 21:55:42.000000000 +0100
++++ openMotif-2.2.3/clients/uil/UilDiags.c	2005-12-12 22:09:48.000000000 +0100
+@@ -293,12 +293,12 @@ void	diag_issue_diagnostic
+     va_start(ap, l_start_column);
+ 
+ #ifndef NO_MESSAGE_CATALOG
+-    vsprintf( msg_buffer, 
++    vsnprintf( msg_buffer, 132, 
+ 	      catgets(uil_catd, UIL_SET1, msg_cat_table[ message_number ],
+ 		      diag_rz_msg_table[ message_number ].ac_text), 
+ 	     ap );
+ #else
+-    vsprintf( msg_buffer, 
++    vsnprintf( msg_buffer, 132,
+ 	      diag_rz_msg_table[ message_number ].ac_text, 
+ 	      ap );
+ #endif
+diff -rupN openMotif-2.2.3/clients/uil/UilSrcSrc.c openMotif-2.2.3-rc4/clients/uil/UilSrcSrc.c
+--- openMotif-2.2.3/clients/uil/UilSrcSrc.c	2002-01-10 21:55:47.000000000 +0100
++++ openMotif-2.2.3/clients/uil/UilSrcSrc.c	2005-12-12 22:10:46.000000000 +0100
+@@ -631,7 +631,7 @@ open_source_file( XmConst char          
+ 
+     /* place the file name in the expanded_name buffer */
+ 
+-    strcpy(buffer, c_file_name);
++    strncpy(buffer, c_file_name, 256);
+ 
+ /*    Determine if this is the main file or an include file.  */
+ 
================================================================