rpms/gif2png/F-11 gif2png.spec, 1.9, 1.10 gif2png-overflow.patch, 1.1, 1.2
ensc
ensc at fedoraproject.org
Sat Jan 2 11:35:33 UTC 2010
- Previous message (by thread): rpms/gif2png/F-12 gif2png.spec, 1.10, 1.11 gif2png-overflow.patch, 1.1, 1.2
- Next message (by thread): rpms/net-tools/devel net-tools-1.60-IA64.patch, NONE, 1.1 net-tools-1.60-large-indexes.patch, NONE, 1.1 net-tools-1.60-netstat_stop_trim.patch, 1.3, 1.4 net-tools-1.60-num-ports.patch, 1.1, 1.2 net-tools-1.60-overflow.patch, 1.1, 1.2 net-tools-1.60-trunc.patch, 1.1, 1.2 net-tools.spec, 1.106, 1.107
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: ensc
Update of /cvs/extras/rpms/gif2png/F-11
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv28627/F-11
Modified Files:
gif2png.spec gif2png-overflow.patch
Log Message:
changed -overflow patch to abort on bad filenames instead of processing
truncated ones
Index: gif2png.spec
===================================================================
RCS file: /cvs/extras/rpms/gif2png/F-11/gif2png.spec,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -p -r1.9 -r1.10
--- gif2png.spec 1 Jan 2010 16:36:27 -0000 1.9
+++ gif2png.spec 2 Jan 2010 11:35:33 -0000 1.10
@@ -3,7 +3,7 @@
Summary: A GIF to PNG converter
Name: gif2png
Version: 2.5.1
-Release: %release_func 1100
+Release: %release_func 1101
License: BSD
Group: Applications/Multimedia
URL: http://www.catb.org/~esr/gif2png/
@@ -44,7 +44,7 @@ convert entire web hierarchies (images a
%setup -q
%patch0 -p1
-cat debian/patches/* | patch -p1
+cat debian/patches/* | patch -p1
%build
@@ -75,6 +75,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Sat Jan 2 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 2.5.1-1101
+- changed -overflow patch to abort on bad filenames instead of
+ processing truncated ones
+
* Fri Jan 1 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 2.5.1-1100
- fixed command line buffer overflow (#547515)
gif2png-overflow.patch:
gif2png.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)
Index: gif2png-overflow.patch
===================================================================
RCS file: /cvs/extras/rpms/gif2png/F-11/gif2png-overflow.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- gif2png-overflow.patch 1 Jan 2010 16:36:27 -0000 1.1
+++ gif2png-overflow.patch 2 Jan 2010 11:35:33 -0000 1.2
@@ -19,13 +19,16 @@ Index: gif2png-2.5.2/gif2png.c
if (strcmp(file_ext, ".gif") != 0 && strcmp(file_ext, ".GIF") != 0 &&
strcmp(file_ext, "_gif") != 0 && strcmp(file_ext, "_GIF") != 0) {
/* try to derive basename */
-@@ -874,7 +877,8 @@ int main(int argc, char *argv[])
+@@ -874,6 +877,12 @@ int main(int argc, char *argv[])
}
} else {
for (i = ac;i<argc; i++) {
-- strcpy(name, argv[i]);
-+ strncpy(name, argv[i], sizeof name - sizeof ".gif");
-+ name[sizeof name - sizeof ".gif"] = '\0';
++ if (strlen(argv[i]) >= sizeof name - sizeof ".gif") {
++ fprintf(stderr, "%s: name too long\n", argv[i]);
++ errors = 1;
++ continue;
++ }
++
+ strcpy(name, argv[i]);
if ((fp = fopen(name, "rb")) == NULL) {
/* retry with .gif appended */
- strcat(name, ".gif");
- Previous message (by thread): rpms/gif2png/F-12 gif2png.spec, 1.10, 1.11 gif2png-overflow.patch, 1.1, 1.2
- Next message (by thread): rpms/net-tools/devel net-tools-1.60-IA64.patch, NONE, 1.1 net-tools-1.60-large-indexes.patch, NONE, 1.1 net-tools-1.60-netstat_stop_trim.patch, 1.3, 1.4 net-tools-1.60-num-ports.patch, 1.1, 1.2 net-tools-1.60-overflow.patch, 1.1, 1.2 net-tools-1.60-trunc.patch, 1.1, 1.2 net-tools.spec, 1.106, 1.107
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list