rpms/nasm/FC-3 nasm-0.98-38-CAN-2004-1287.patch, NONE, 1.1 nasm.spec, 1.11, 1.12
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Fri Apr 15 11:29:06 UTC 2005
- Previous message (by thread): rpms/glibc/devel .cvsignore, 1.94, 1.95 glibc-fedora.patch, 1.76, 1.77 glibc.spec, 1.145, 1.146 sources, 1.111, 1.112
- Next message (by thread): rpms/alsa-lib/FC-3 alsa-lib-stack2.patch, NONE, 1.1 alsa-lib.spec, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Update of /cvs/dist/rpms/nasm/FC-3
In directory cvs.devel.redhat.com:/tmp/cvs-serv8841
Modified Files:
nasm.spec
Added Files:
nasm-0.98-38-CAN-2004-1287.patch
Log Message:
- add patch to fix vsprintf buffer overflows - CAN-2004-1287 (#143052)
nasm-0.98-38-CAN-2004-1287.patch:
output/outieee.c | 2 +-
preproc.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE nasm-0.98-38-CAN-2004-1287.patch ---
--- nasm-0.98.38/output/outieee.c.CAN-2004-1287 2002-09-12 04:23:54.000000000 +0200
+++ nasm-0.98.38/output/outieee.c 2005-04-12 17:52:23.040100184 +0200
@@ -1096,7 +1096,7 @@ static void ieee_putascii(char *format,
va_list ap;
va_start(ap, format);
- vsprintf(buffer, format, ap);
+ vsnprintf(buffer, sizeof(buffer), format, ap);
l = strlen(buffer);
for (i=0; i < l; i++)
if ((buffer[i] & 0xff) > 31)
--- nasm-0.98.38/preproc.c.CAN-2004-1287 2003-09-08 00:46:26.000000000 +0200
+++ nasm-0.98.38/preproc.c 2005-04-12 17:53:44.765676008 +0200
@@ -4067,7 +4067,7 @@ error(int severity, const char *fmt, ...
return;
va_start(arg, fmt);
- vsprintf(buff, fmt, arg);
+ vsnprintf(buff, sizeof(buff), fmt, arg);
va_end(arg);
if (istk && istk->mstk && istk->mstk->name)
Index: nasm.spec
===================================================================
RCS file: /cvs/dist/rpms/nasm/FC-3/nasm.spec,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -r1.11 -r1.12
--- nasm.spec 9 Sep 2004 08:58:36 -0000 1.11
+++ nasm.spec 15 Apr 2005 11:29:04 -0000 1.12
@@ -1,8 +1,9 @@
Summary: A portable x86 assembler which uses Intel-like syntax.
Name: nasm
Version: 0.98.38
-Release: 3
+Release: 3.FC3
Patch0: nasm-0.98-boguself2.patch
+Patch1: nasm-0.98-38-CAN-2004-1287.patch
License: LGPL
Group: Development/Languages
Source: http://prdownloads.sourceforge.net/nasm/nasm-%{version}.tar.bz2
@@ -36,6 +37,7 @@
%prep
%setup
#patch0 -p1 -b .boguself
+%patch1 -p1 -b .CAN-2004-1287
%build
%configure
@@ -87,6 +89,9 @@
%{_bindir}/rdx
%changelog
+* Tue Apr 15 2005 Jindrich Novy <jnovy at redhat.com> 0.98.38-3.FC3
+- add patch to fix vsprintf buffer overflows - CAN-2004-1287 (#143052)
+
* Tue Jun 15 2004 Elliot Lee <sopwith at redhat.com>
- rebuilt
- Previous message (by thread): rpms/glibc/devel .cvsignore, 1.94, 1.95 glibc-fedora.patch, 1.76, 1.77 glibc.spec, 1.145, 1.146 sources, 1.111, 1.112
- Next message (by thread): rpms/alsa-lib/FC-3 alsa-lib-stack2.patch, NONE, 1.1 alsa-lib.spec, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-cvs-commits
mailing list