
libtiff-3.8.2-8mdv2008.0.src.rpm

  * SECURITY UPDATE: Arbitrary command execution with crafted TIF files.
  * Add debian/patches/tiff2pdf-octal-printf.patch:
    - tools/tiff2pdf.c: Fix buffer overflow caused by using the wrong printf
      conversion for an octal signed char (it printed a signed integer, which
      overflowed the buffer and was wrong anyway).
    - CVE-2006-2193

diff -ruN tiff-3.7.4-old/tools/tiff2pdf.c tiff-3.7.4/tools/tiff2pdf.c
--- tiff-3.7.4-old/tools/tiff2pdf.c	2005-06-23 15:30:28.000000000 +0200
+++ tiff-3.7.4/tools/tiff2pdf.c	2006-06-02 18:15:11.000000000 +0200
@@ -3758,7 +3758,7 @@
 	written += TIFFWriteFile(output, (tdata_t) "(", 1);
 	for (i=0;i<len;i++){
 		if((pdfstr[i]&0x80) || (pdfstr[i]==127) || (pdfstr[i]<32)){
-			sprintf(buffer, "\\%.3o", pdfstr[i]);
+			sprintf(buffer, "\\%.3hho", pdfstr[i]);
 			written += TIFFWriteFile(output, (tdata_t) buffer, 4);
 		} else {
 			switch (pdfstr[i]){
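Review bot: The `sprintf` on the added line still writes into `buffer` with no size bound, and the fix is only correct if the C library honours the `hh` length modifier. A pre-C99 libc that ignores `hh` would again format the promoted negative `int` as up to eleven octal digits and overrun the buffer. Casting the argument removes that dependency, and bounding the write contains any remaining mistake: `snprintf(buffer, sizeof(buffer), "\\%.3o", (unsigned char)pdfstr[i]);`. This assumes `buffer` is an array in this scope; its declaration is outside the hunk, so confirm that before relying on `sizeof`. The enclosing function begins and ends outside the hunk.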