rpms/htmldoc/F-11 htmldoc-1.8.27-fortify-fail.patch, NONE, 1.1 htmldoc-1.8.27-scanf-overflows.patch, NONE, 1.1 htmldoc.spec, 1.14, 1.15
Adam Goode
agoode at fedoraproject.org
Fri Aug 14 04:12:54 UTC 2009
Author: agoode
Update of /cvs/extras/rpms/htmldoc/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv11755
Modified Files:
htmldoc.spec
Added Files:
htmldoc-1.8.27-fortify-fail.patch
htmldoc-1.8.27-scanf-overflows.patch
Log Message:
* Thu Aug 13 2009 Adam Goode <adam at spicenitz.org> - 1.8.27-12
- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520)
- Fix scanf overflows (#512513)
htmldoc-1.8.27-fortify-fail.patch:
ps-pdf.cxx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE htmldoc-1.8.27-fortify-fail.patch ---
diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:32:21.846860508 -0400
+++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx 2009-08-13 19:40:29.185857503 -0400
@@ -8619,7 +8619,7 @@
return (NULL);
}
// Safe because buffer is allocated...
- strcpy((char *)r->data.text.buffer, (char *)data);
+ memcpy((char *)r->data.text.buffer, (char *)data, strlen((char *)data));
get_color(_htmlTextColor, r->data.text.rgb);
break;
case RENDER_IMAGE :
@@ -8640,7 +8640,7 @@
return (NULL);
}
// Safe because buffer is allocated...
- strcpy((char *)r->data.link, (char *)data);
+ memcpy((char *)r->data.link, (char *)data, strlen((char *)data));
break;
}
htmldoc-1.8.27-scanf-overflows.patch:
htmllib.cxx | 2 +-
htmllib.cxx.orig |only
ps-pdf.cxx | 2 +-
ps-pdf.cxx.orig |only
util.cxx | 2 +-
5 files changed, 3 insertions(+), 3 deletions(-)
--- NEW FILE htmldoc-1.8.27-scanf-overflows.patch ---
diff -ur htmldoc-1.8.27~/htmldoc/htmllib.cxx htmldoc-1.8.27/htmldoc/htmllib.cxx
--- htmldoc-1.8.27~/htmldoc/htmllib.cxx 2009-08-13 19:25:30.066734472 -0400
+++ htmldoc-1.8.27/htmldoc/htmllib.cxx 2009-08-13 19:25:38.997733603 -0400
@@ -2154,7 +2154,7 @@
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Only in htmldoc-1.8.27/htmldoc: htmllib.cxx.orig
diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:25:30.076736152 -0400
+++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx 2009-08-13 19:25:39.010735889 -0400
@@ -12515,7 +12515,7 @@
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Only in htmldoc-1.8.27/htmldoc: ps-pdf.cxx.orig
diff -ur htmldoc-1.8.27~/htmldoc/util.cxx htmldoc-1.8.27/htmldoc/util.cxx
--- htmldoc-1.8.27~/htmldoc/util.cxx 2005-04-24 15:20:32.000000000 -0400
+++ htmldoc-1.8.27/htmldoc/util.cxx 2009-08-13 19:25:39.014737749 -0400
@@ -484,7 +484,7 @@
PageWidth = 595;
PageLength = 792;
}
- else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2)
+ else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2)
{
/*
* Custom size...
Index: htmldoc.spec
===================================================================
RCS file: /cvs/extras/rpms/htmldoc/F-11/htmldoc.spec,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- htmldoc.spec 25 Feb 2009 04:10:02 -0000 1.14
+++ htmldoc.spec 14 Aug 2009 04:12:54 -0000 1.15
@@ -1,6 +1,6 @@
Name: htmldoc
Version: 1.8.27
-Release: 10%{?dist}
+Release: 12%{?dist}
Summary: Converter from HTML into indexed HTML, PostScript, or PDF
Group: Applications/Publishing
@@ -15,6 +15,8 @@ Source: http://ftp.easysw.com/pub/%{nam
Patch0: htmldoc-1.8.27-desktop-icon.patch
Patch1: htmldoc-1.8.27-dingbats-standard.patch
Patch2: htmldoc-1.8.27-system-fonts.patch
+Patch3: htmldoc-1.8.27-scanf-overflows.patch
+Patch4: htmldoc-1.8.27-fortify-fail.patch
BuildRequires: openssl-devel libjpeg-devel libpng-devel zlib-devel
BuildRequires: fltk-devel libXpm-devel desktop-file-utils
@@ -95,6 +97,13 @@ ln -s %{_fontbasedir}/dejavu/DejaVuSerif
ln -s %{_fontbasedir}/dejavu/DejaVuSerif-Bold.ttf
ln -s %{_fontbasedir}/dejavu/DejaVuSerif-Italic.ttf
ln -s %{_fontbasedir}/dejavu/DejaVuSerif.ttf
+cd ..
+
+# fix some scanf overflows (http://www.htmldoc.org/str.php?L214)
+%patch3 -p1 -b .scanf-overflows
+
+# fix limitation of -D_FORTIFY_SOURCE=2
+%patch4 -p1 -b .fortify-fail
%build
@@ -173,6 +182,13 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Thu Aug 13 2009 Adam Goode <adam at spicenitz.org> - 1.8.27-12
+- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520)
+- Fix scanf overflows (#512513)
+
+* Fri Jul 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8.27-11
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
+
* Tue Feb 24 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 1.8.27-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
More information about the fedora-extras-commits
mailing list