SHA256
1
0
forked from pool/htmldoc
htmldoc/htmldoc_CVE-2009-3050_535943.diff
OBS User autobuild 0853e1bfbf Accepting request 29904 from Publishing
Copy from Publishing/htmldoc based on submit request 29904 from user coolo

OBS-URL: https://build.opensuse.org/request/show/29904
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/htmldoc?expand=0&rev=5
2010-01-21 12:02:01 +00:00

42 lines
1.4 KiB
Diff

Fix several insecure calls to sscanf(), bug 278186.
Index: htmldoc-1.8.27/htmldoc/htmllib.cxx
===================================================================
--- htmldoc-1.8.27.orig/htmldoc/htmllib.cxx
+++ htmldoc-1.8.27/htmldoc/htmllib.cxx
@@ -2139,7 +2139,7 @@ htmlLoadFontWidths(void)
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Index: htmldoc-1.8.27/htmldoc/ps-pdf.cxx
===================================================================
--- htmldoc-1.8.27.orig/htmldoc/ps-pdf.cxx
+++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx
@@ -12512,7 +12512,7 @@ write_type1(FILE *out, /* I - Fil
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Index: htmldoc-1.8.27/htmldoc/util.cxx
===================================================================
--- htmldoc-1.8.27.orig/htmldoc/util.cxx
+++ htmldoc-1.8.27/htmldoc/util.cxx
@@ -484,7 +484,7 @@ set_page_size(const char *size) /* I - P
PageWidth = 595;
PageLength = 792;
}
- else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2)
+ else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2)
{
/*
* Custom size...