From 756ec3ce8215dd9f20efb91b02a2ec12c7360401a0bbb2dc6a97557e7cc47088 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Tom=C3=A1=C5=A1=20Chv=C3=A1tal?= <tchvatal@suse.com>
Date: Tue, 14 Jul 2015 19:14:21 +0000
Subject: [PATCH] - Fix buffer overflow on dtrace lib:   *
 virtualbox-snpritnf-buffer-overflow.patch - Note: still does not respect
 cxxflags

OBS-URL: https://build.opensuse.org/package/show/Virtualization/virtualbox?expand=0&rev=212
---
 virtualbox-snpritnf-buffer-overflow.patch | 16 ++++++++++++++++
 virtualbox.changes                        |  7 +++++++
 virtualbox.spec                           |  3 +++
 3 files changed, 26 insertions(+)
 create mode 100644 virtualbox-snpritnf-buffer-overflow.patch

diff --git a/virtualbox-snpritnf-buffer-overflow.patch b/virtualbox-snpritnf-buffer-overflow.patch
new file mode 100644
index 0000000..6975769
--- /dev/null
+++ b/virtualbox-snpritnf-buffer-overflow.patch
@@ -0,0 +1,16 @@
+diff -urN VirtualBox-5.0.0.old/src/VBox/ExtPacks/VBoxDTrace/onnv/lib/libdtrace/common/dt_printf.c VirtualBox-5.0.0/src/VBox/ExtPacks/VBoxDTrace/onnv/lib/libdtrace/common/dt_printf.c
+--- VirtualBox-5.0.0.old/src/VBox/ExtPacks/VBoxDTrace/onnv/lib/libdtrace/common/dt_printf.c	2015-07-14 20:53:12.121479325 +0200
++++ VirtualBox-5.0.0/src/VBox/ExtPacks/VBoxDTrace/onnv/lib/libdtrace/common/dt_printf.c	2015-07-14 21:04:02.001865414 +0200
+@@ -1568,10 +1568,10 @@
+ 			width = 0;
+ 
+ 		if (width != 0)
+-			f += snprintf(f, sizeof (format), "%d", ABS(width));
++			f += snprintf(f, sizeof (f), "%d", ABS(width));
+ 
+ 		if (prec > 0)
+-			f += snprintf(f, sizeof (format), ".%d", prec);
++			f += snprintf(f, sizeof (f), ".%d", prec);
+ 
+ 		(void) strcpy(f, pfd->pfd_fmt);
+ 		pfd->pfd_rec = rec;
diff --git a/virtualbox.changes b/virtualbox.changes
index 53da611..e31ffca 100644
--- a/virtualbox.changes
+++ b/virtualbox.changes
@@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Tue Jul 14 19:13:46 UTC 2015 - tchvatal@suse.com
+
+- Fix buffer overflow on dtrace lib:
+  * virtualbox-snpritnf-buffer-overflow.patch
+- Note: still does not respect cxxflags
+
 -------------------------------------------------------------------
 Sat Jul 11 12:46:51 UTC 2015 - tchvatal@suse.com
 
diff --git a/virtualbox.spec b/virtualbox.spec
index bf1c4e9..3a97192 100644
--- a/virtualbox.spec
+++ b/virtualbox.spec
@@ -79,6 +79,8 @@ Patch105:       smap.diff
 Patch106:       gcc5-real-support.patch
 # Patch to build with gnu sed correctly
 Patch107:       virtualbox-sed-params.patch
+# Patch to use snprintf correcty and not overflow dst buffer
+Patch108:       virtualbox-snpritnf-buffer-overflow.patch
 BuildRequires:  LibVNCServer-devel
 BuildRequires:  SDL-devel
 BuildRequires:  acpica
@@ -304,6 +306,7 @@ This package contains icons for guest desktop files that were created on the des
 %patch105 -p1
 %patch106 -p1
 %patch107 -p1
+%patch108 -p1
 #copy user manual
 cp %{SOURCE1} UserManual.pdf
 #copy kbuild config