slackbuilds/graphics/xli/patch-ae

17 lines
579 B
Plaintext

$NetBSD: patch-ae,v 1.1 2005/10/30 17:58:58 salo Exp $
Security fix for CVE-2005-3178, from Debian.
--- reduce.c.orig 1999-10-25 04:15:02.000000000 +0200
+++ reduce.c 2005-10-30 18:49:53.000000000 +0100
@@ -178,7 +178,8 @@
/* get destination image */
depth = colorsToDepth(OutColors);
new_image = newRGBImage(image->width, image->height, depth);
- sprintf(buf, "%s (%d colors)", image->title, OutColors);
+ snprintf(buf, BUFSIZ, "%s (%d colors)", image->title, OutColors);
+ buf[BUFSIZ-1] = '\0';
new_image->title = dupString(buf);
new_image->gamma = image->gamma;