rpms/gcx/devel gcx-0.9.11-bounds.patch,NONE,1.1 gcx.spec,1.4,1.5

[Lubomir Rintel]

Author: lkundrak

Update of /cvs/pkgs/rpms/gcx/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28127

Modified Files:
	gcx.spec 
Added Files:
	gcx-0.9.11-bounds.patch 
Log Message:
* Mon Apr 6 2009 Lubomir Rintel (Fedora Astronomy) <lkundrak at v3.sk> - 0.9.11-6
- Fix a stack overflow (#494345)


gcx-0.9.11-bounds.patch:

--- NEW FILE gcx-0.9.11-bounds.patch ---
Don't overwrite the stack canary with out-of-bound write.

Lubomir Rintel <lkundrak at v3.sk>

diff -urp gcx-0.9.11/src/ccd/ccd_frame.c gcx-0.9.11.fixed/src/ccd/ccd_frame.c
--- gcx-0.9.11/src/ccd/ccd_frame.c	2007-03-26 15:24:14.000000000 +0200
+++ gcx-0.9.11.fixed/src/ccd/ccd_frame.c	2009-04-06 21:40:19.161312909 +0200
@@ -1348,7 +1348,7 @@ static int frame_to_float(struct ccd_fra
  * or -1 for an error */
 int fits_get_double(struct ccd_frame *fr, char *kwd, double *v)
 {
-	char vs[FITS_HCOLS+1];
+	char vs[FITS_HCOLS+2];
 	FITS_row *row;
 	char * end;
 	double vv;


Index: gcx.spec
===================================================================
RCS file: /cvs/pkgs/rpms/gcx/devel/gcx.spec,v
retrieving revision 1.4
retrieving revision 1.5
diff -u -r1.4 -r1.5
--- gcx.spec	24 Mar 2009 13:39:44 -0000	1.4
+++ gcx.spec	6 Apr 2009 20:03:36 -0000	1.5
@@ -1,6 +1,6 @@
 Name:		gcx
 Version:	0.9.11
-Release:	5%{?dist}
+Release:	6%{?dist}
 Summary:	Data-reduction tool for CCD photometry
 
 License:	GPLv2+
@@ -9,6 +9,7 @@
 Source0:	http://download.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 Source1:	gcx.desktop
 Source2:	gcx.svg
+Patch0:         gcx-0.9.11-bounds.patch
 
 BuildRoot:	%{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires:	gnuplot
@@ -46,6 +47,9 @@
 %{_datadir}/gcx
 
 %changelog
+* Mon Apr 6 2009 Lubomir Rintel (Fedora Astronomy) <lkundrak at v3.sk> - 0.9.11-6
+- Fix a stack overflow (#494345)
+
 * Tue Mar 24 2009 Lubomir Rintel (Fedora Astronomy) <lkundrak at v3.sk> - 0.9.11-5
 - Fix the icon location