CVS commit: xsrc/external/mit/libXfont/dist/src/bitmap

To: source-changes%NetBSD.org@localhost
Subject: CVS commit: xsrc/external/mit/libXfont/dist/src/bitmap
From: "Thomas Klausner" <wiz%netbsd.org@localhost>
Date: Tue, 7 Jan 2014 07:41:59 +0000

Module Name:    xsrc
Committed By:   wiz
Date:           Tue Jan  7 07:41:59 UTC 2014

Modified Files:
        xsrc/external/mit/libXfont/dist/src/bitmap: bdfread.c

Log Message:
CVS-2013-6462:
>From aeabb3efa6905e11c479e2e5319f2b6b3ab22009 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
Date: Mon, 23 Dec 2013 18:34:02 -0800
Subject: [PATCH:libXfont 1/2] CVE-2013-XXXX: unlimited sscanf can overflow
 stack buffer in bdfReadCharacters()

Fixes cppcheck warning:
 [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
  scanf without field width limits can crash with huge input data.

Signed-off-by: Alan Coopersmith <alan.coopersmith%oracle.com@localhost>
Reviewed-by: Matthieu Herrb <matthieu%herrb.eu@localhost>
Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu%apple.com@localhost>
---
 src/bitmap/bdfread.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


To generate a diff of this commit:
cvs rdiff -u -r1.1.1.3 -r1.2 \
    xsrc/external/mit/libXfont/dist/src/bitmap/bdfread.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Prev by Date: CVS commit: src/distrib/notes/common
Next by Date: CVS commit: xsrc/external/mit/libXfont/dist/src/bitmap
Previous by Thread: CVS commit: src/distrib/notes/common
Next by Thread: CVS commit: xsrc/external/mit/libXfont/dist/src/bitmap
Indexes:

Home | Main Index | Thread Index | Old Index