[packages/libmpeg3] - fix format string errors - rel 3
baggins
baggins at pld-linux.org
Mon Mar 9 17:42:17 CET 2015
commit 43aec21c2c87119291e4b46d5cea012592e2de85
Author: Jan Rękorajski <baggins at pld-linux.org>
Date: Mon Mar 9 17:42:04 2015 +0100
- fix format string errors
- rel 3
format-security.patch | 20 ++++++++++++++++++++
libmpeg3.spec | 4 +++-
2 files changed, 23 insertions(+), 1 deletion(-)
---
diff --git a/libmpeg3.spec b/libmpeg3.spec
index 891eac3..8abc4ba 100644
--- a/libmpeg3.spec
+++ b/libmpeg3.spec
@@ -2,12 +2,13 @@ Summary: LibMPEG3 - decoding of many many derivatives of MPEG standards
Summary(pl.UTF-8): LibMPEG3 - dekodowanie wielu alternatywnych standardów MPEG
Name: libmpeg3
Version: 1.8
-Release: 2
+Release: 3
License: GPL v2+
Group: Libraries
Source0: http://downloads.sourceforge.net/heroines/%{name}-%{version}-src.tar.bz2
# Source0-md5: a9d0d34e8941a4437eb8e7dfe559eca1
Patch0: %{name}-acam.patch
+Patch1: format-security.patch
URL: http://heroinewarrior.com/libmpeg3.php
BuildRequires: a52dec-libs-devel >= 0.7.3
BuildRequires: autoconf >= 2.50
@@ -88,6 +89,7 @@ MPEG.
%prep
%setup -q
%patch0 -p1
+%patch1 -p1
%build
%{__libtoolize}
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..4004e7e
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,20 @@
+--- libmpeg3-1.8/mpeg3tocutil.c.orig 2015-03-09 17:39:36.022530554 +0100
++++ libmpeg3-1.8/mpeg3tocutil.c 2015-03-09 17:40:15.672530268 +0100
+@@ -1278,7 +1278,7 @@
+
+ // Store file information
+ PUT_INT32(FILE_INFO);
+- fprintf(file->toc_fd, file->fs->path);
++ fprintf(file->toc_fd, "%s", file->fs->path);
+ for(j = strlen(file->fs->path); j < MPEG3_STRLEN; j++)
+ fputc(0, file->toc_fd);
+ PUT_INT64(file->source_date);
+@@ -1309,7 +1309,7 @@
+ // Path
+ PUT_INT32(TITLE_PATH);
+
+- fprintf(file->toc_fd, title->fs->path);
++ fprintf(file->toc_fd, "%s", title->fs->path);
+
+ // Pad path with 0
+ for(j = strlen(title->fs->path); j < MPEG3_STRLEN; j++)
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/libmpeg3.git/commitdiff/43aec21c2c87119291e4b46d5cea012592e2de85
More information about the pld-cvs-commit
mailing list