diff options
Diffstat (limited to 'network/uudeview/patches/043_string_format_issue.diff')
-rw-r--r-- | network/uudeview/patches/043_string_format_issue.diff | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/network/uudeview/patches/043_string_format_issue.diff b/network/uudeview/patches/043_string_format_issue.diff new file mode 100644 index 0000000000..7cbc584f5b --- /dev/null +++ b/network/uudeview/patches/043_string_format_issue.diff @@ -0,0 +1,24 @@ +Description: Fix potential security issue (arbitrary string being passed + as a format string to fprintf). +Author: Andrew Shadura <andrewsh@debian.org> + +--- a/unix/uuenview.c ++++ b/unix/uuenview.c +@@ -310,7 +310,7 @@ SendMkCommand (char **rcptlist, char *to + } + + if ((*rcptlist = (char *) malloc (strlen (towhom) + 16)) == NULL) { +- fprintf (stderr, "error: Out of memory allocating %d bytes\n", ++ fprintf (stderr, "error: Out of memory allocating %zd bytes\n", + strlen (towhom)+16); + _FP_free (command); + return NULL; +@@ -483,7 +483,7 @@ AttachFiles (char *towhom, char *subject + if (_FP_stristr (input, "multipart") != NULL) { + /* it is already a multipart posting. grab the boundary */ + if ((ptr = _FP_stristr (input, "boundary=")) != NULL) { +- fprintf(thepipe, input); ++ fprintf(thepipe, "%s", input); + strcpy (boundary, ParseValue (ptr)); + hadmulti = 1; + } |