Sophie

Sophie

distrib > Mandriva > current > i586 > media > contrib-release-src > by-pkgid > 60250b134257c358efa0a090480d76da > files > 1

orpheus-1.6-6mdv2010.0.src.rpm

Fix a stack-based buffer overflow in kkstrtext.h in ktools library.
(CVE-2005-3863) (Closes: #368402)
Index: orpheus-1.5/kkstrtext-0.1/kkstrtext.h
===================================================================
--- orpheus-1.5.orig/kkstrtext-0.1/kkstrtext.h	2003-12-14 11:51:38.000000000 +0100
+++ orpheus-1.5/kkstrtext-0.1/kkstrtext.h	2006-08-01 21:57:14.000000000 +0200
@@ -87,7 +87,7 @@
     { \
 	va_list vgs__ap; char vgs__buf[1024]; \
 	va_start(vgs__ap, fmt); \
-	vsprintf(vgs__buf, fmt, vgs__ap); c = vgs__buf; \
+	vsnprintf(vgs__buf, 1024, fmt, vgs__ap); c = vgs__buf; \
 	va_end(vgs__ap); \
     }

Perl :: Catalyst :: PostgreSQL :: RPM Valid HTML 4.01 Transitional