Diffstat (limited to 'app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch')
-rw-r--r--app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch24
1 files changed, 24 insertions, 0 deletions
diff --git a/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch b/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch
new file mode 100644
index 000000000000..7cbc584f5b47
--- /dev/null
+++ b/app-text/uudeview/files/uudeview-0.5.20-string_format_issue.patch
@@ -0,0 +1,24 @@
+Description: Fix potential security issue (arbitrary string being passed
+ as a format string to fprintf).
+Author: Andrew Shadura <andrewsh@debian.org>
+
+--- a/unix/uuenview.c
++++ b/unix/uuenview.c
+@@ -310,7 +310,7 @@ SendMkCommand (char **rcptlist, char *to
+ }
+
+ if ((*rcptlist = (char *) malloc (strlen (towhom) + 16)) == NULL) {
+- fprintf (stderr, "error: Out of memory allocating %d bytes\n",
++ fprintf (stderr, "error: Out of memory allocating %zd bytes\n",
+ strlen (towhom)+16);
+ _FP_free (command);
+ return NULL;
+@@ -483,7 +483,7 @@ AttachFiles (char *towhom, char *subject
+ if (_FP_stristr (input, "multipart") != NULL) {
+ /* it is already a multipart posting. grab the boundary */
+ if ((ptr = _FP_stristr (input, "boundary=")) != NULL) {
+- fprintf(thepipe, input);
++ fprintf(thepipe, "%s", input);
+ strcpy (boundary, ParseValue (ptr));
+ hadmulti = 1;
+ }
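Review bot: In the first inner hunk (SendMkCommand) the new format string uses `%zd` for `strlen (towhom)+16`, which is a `size_t`; the matching conversion is `%zu`, so the added line should read `fprintf (stderr, "error: Out of memory allocating %zu bytes\n",`. In the second inner hunk (AttachFiles) the `"%s"` change closes the format-string issue, but the following line still does `strcpy (boundary, ParseValue (ptr));` on a value taken from the same `input`. The declaration of `boundary` and the return contract of `ParseValue` are outside the hunk, so it is worth confirming that the copy is bounded and that a NULL return is handled, for example with `snprintf (boundary, sizeof boundary, "%s", value)` if `boundary` is an array. Both function bodies continue outside the hunk.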