rpms/m4/devel m4-1.4.10-snprintf.patch,NONE,1.1 m4.spec,1.30,1.31
Vitezslav Crhonek (vcrhonek)
fedora-extras-commits at redhat.com
Mon Dec 17 15:40:15 UTC 2007
- Previous message (by thread): rpms/kdebase/F-7 kdebase-3.5.8-flash.patch, NONE, 1.1 kdebase-3.5.8-gdm-socket.patch, NONE, 1.1 kdebase.spec, 1.262, 1.263 kde.desktop, 1.2, NONE
- Next message (by thread): rpms/gnome-python2-desktop/devel gnome-python2-desktop.spec, 1.22, 1.23
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: vcrhonek
Update of /cvs/extras/rpms/m4/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv5726
Modified Files:
m4.spec
Added Files:
m4-1.4.10-snprintf.patch
Log Message:
fix vasnprintf puts %%n into a writeable format string in all cases
m4-1.4.10-snprintf.patch:
--- NEW FILE m4-1.4.10-snprintf.patch ---
--- m4-1.4.10/lib/vasnprintf.c_old 2007-07-05 13:48:27.000000000 +0200
+++ m4-1.4.10/lib/vasnprintf.c 2007-12-13 13:38:39.000000000 +0100
@@ -3385,10 +3385,22 @@
#endif
*fbp = dp->conversion;
#if USE_SNPRINTF
+#if !(__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 3))
fbp[1] = '%';
fbp[2] = 'n';
fbp[3] = '\0';
#else
+ /* On glibc2 systems from glibc >= 2.3 - probably also older
+ ones - we know that snprintf's returns value conforms to
+ ISO C 99: the gl_SNPRINTF_DIRECTIVE_N test passes.
+ Therefore we can avoid using %n in this situation.
+ On glibc2 systems from 2004-10-18 or newer, the use of %n
+ in format strings in writable memory may crash the program
+ (if compiled with _FORTIFY_SOURCE=2), so we should avoid it
+ in this situation. */
+ fbp[1] = '\0';
+#endif
+#else
fbp[1] = '\0';
#endif
Index: m4.spec
===================================================================
RCS file: /cvs/extras/rpms/m4/devel/m4.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- m4.spec 22 Aug 2007 09:37:08 -0000 1.30
+++ m4.spec 17 Dec 2007 15:39:39 -0000 1.31
@@ -1,11 +1,12 @@
Summary: The GNU macro processor
Name: m4
Version: 1.4.10
-Release: 1%{?dist}
+Release: 2%{?dist}
License: GPLv3+
Group: Applications/Text
Source0: ftp://ftp.gnu.org/gnu/m4/m4-%{version}.tar.bz2
Source1: ftp://ftp.gnu.org/gnu/m4/m4-%{version}.tar.bz2.sig
+Patch0: m4-1.4.10-snprintf.patch
URL: http://www.gnu.org/software/m4/
Buildroot: %{_tmppath}/%{name}-root
Requires(post): /sbin/install-info
@@ -23,6 +24,7 @@
%prep
%setup -q
+%patch0 -p1 -b .snprintf
%build
%configure
@@ -53,6 +55,10 @@
rm -rf $RPM_BUILD_ROOT
%changelog
+* Mon Dec 17 2007 Vitezslav Crhonek <vcrhonek at redhat.com> - 1.4.10-2
+- Fix vasnprintf puts %%n into a writeable format string in all cases
+ Resolves: #345651
+
* Wed Aug 22 2007 Vitezslav Crhonek <vcrhonek at redhat.com> - 1.4.10-1
- Update to m4-1.4.10
- Fix license to GPL version 3 or later
- Previous message (by thread): rpms/kdebase/F-7 kdebase-3.5.8-flash.patch, NONE, 1.1 kdebase-3.5.8-gdm-socket.patch, NONE, 1.1 kdebase.spec, 1.262, 1.263 kde.desktop, 1.2, NONE
- Next message (by thread): rpms/gnome-python2-desktop/devel gnome-python2-desktop.spec, 1.22, 1.23
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list