fix from upstream for security issue http://bugs.gentoo.org/223965 ---------------------------- revision 1.9 date: 2008/05/27 14:35:17; author: raster; state: Exp; lines: +1 -1 2 possible security vulns fixed. should probably release new version with these. Index: imlib2/src/modules/loaders/loader_xpm.c =================================================================== RCS file: /cvs/e/e17/libs/imlib2/src/modules/loaders/loader_xpm.c,v retrieving revision 1.8 retrieving revision 1.9 diff -u -p -r1.8 -r1.9 --- imlib2/src/modules/loaders/loader_xpm.c 25 Aug 2007 02:07:08 -0000 1.8 +++ imlib2/src/modules/loaders/loader_xpm.c 27 May 2008 14:35:17 -0000 1.9 @@ -286,7 +286,7 @@ load(ImlibImage * im, ImlibProgressFunct if (line[k] != ' ') { s[0] = 0; - sscanf(&line[k], "%65535s", s); + sscanf(&line[k], "%255s", s); slen = strlen(s); k += slen; if (!strcmp(s, "c")) ---------------------------- revision 1.5 date: 2008/05/27 14:35:17; author: raster; state: Exp; lines: +1 -1 2 possible security vulns fixed. should probably release new version with these. Index: imlib2/src/modules/loaders/loader_pnm.c =================================================================== RCS file: /cvs/e/e17/libs/imlib2/src/modules/loaders/loader_pnm.c,v retrieving revision 1.4 retrieving revision 1.5 diff -u -p -r1.4 -r1.5 --- imlib2/src/modules/loaders/loader_pnm.c 9 Apr 2007 12:55:29 -0000 1.4 +++ imlib2/src/modules/loaders/loader_pnm.c 27 May 2008 14:35:17 -0000 1.5 @@ -68,7 +68,7 @@ load(ImlibImage * im, ImlibProgressFunct int i = 0; /* read numbers */ - while (c != EOF && !isspace(c)) + while (c != EOF && !isspace(c) && (i < 255)) { buf[i++] = c; c = fgetc(f);