From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 38D641399E6 for ; Fri, 4 Sep 2015 08:34:29 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 21FC0143A4; Fri, 4 Sep 2015 08:33:36 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id E7516143B0 for ; Fri, 4 Sep 2015 08:33:29 +0000 (UTC) Received: from oystercatcher.gentoo.org (unknown [IPv6:2a01:4f8:202:4333:225:90ff:fed9:fc84]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id C2D3D340A7F for ; Fri, 4 Sep 2015 08:33:28 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id A2E50199 for ; Fri, 4 Sep 2015 08:33:25 +0000 (UTC) From: "Ulrich Müller" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Ulrich Müller" Message-ID: <1286633004.dcbcdda29e9ec2ff17bd5dab69f10e92af0fe72b.ulm@gentoo> Subject: [gentoo-commits] dev/ulm:pam_skey-1.1.5-patches-5 commit in: patchsets/motif/2.2.3/ X-VCS-Repository: dev/ulm X-VCS-Files: patchsets/motif/2.2.3/16_all_mrm_buffer_overflow.patch X-VCS-Directories: patchsets/motif/2.2.3/ X-VCS-Committer: ulm X-VCS-Committer-Name: Ulrich Müller X-VCS-Revision: dcbcdda29e9ec2ff17bd5dab69f10e92af0fe72b X-VCS-Branch: pam_skey-1.1.5-patches-5 Date: Fri, 4 Sep 2015 08:33:25 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: 6a8e881a-1d77-4efa-ac8b-fa3344629e68 X-Archives-Hash: 0bc2e6d6c1be70725bfca1738ccab527 Message-ID: <20150904083325.4PbAyhbUPhN4ZfPrrbiS08wJNQia9tVwgXMcyBXt5u0@z> commit: dcbcdda29e9ec2ff17bd5dab69f10e92af0fe72b Author: Ulrich Müller gentoo org> AuthorDate: Sat Oct 9 14:03:24 2010 +0000 Commit: Ulrich Müller gentoo org> CommitDate: Sat Oct 9 14:03:24 2010 +0000 URL: https://gitweb.gentoo.org/dev/ulm.git/commit/?id=dcbcdda2 Fix buffer overflow in libmrm, bug 340249. patchsets/motif/2.2.3/16_all_mrm_buffer_overflow.patch | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/patchsets/motif/2.2.3/16_all_mrm_buffer_overflow.patch b/patchsets/motif/2.2.3/16_all_mrm_buffer_overflow.patch new file mode 100644 index 0000000..d4080df --- /dev/null +++ b/patchsets/motif/2.2.3/16_all_mrm_buffer_overflow.patch @@ -0,0 +1,17 @@ +http://bugs.gentoo.org/340249 +Patch backported from openmotif-2.3.3 + +--- openMotif-2.2.3-orig/lib/Mrm/MrmIheader.c ++++ openMotif-2.2.3/lib/Mrm/MrmIheader.c +@@ -228,9 +228,10 @@ + + { + /* sscanf() may call ungetc(), which would write the XmConst string. */ +- char buf[XtNumber(idb__database_version) + 1]; ++ char *buf = XtMalloc(strlen(idb__database_version) + 1); + strcpy(buf, idb__database_version); + sscanf(buf, "URM %d.%d", &db_major, &db_minor); ++ XtFree(buf); + } + + if ((file_major > db_major) ||