Link [ NetBSD | NetBSD OpenGrok source search | PR fulltext-search | Summary of daily snapshot builds | history of daily build result | pkgsrc commit viewer ]


   
        usage: [branch:branch] [user:user] [path@revision] keyword [... [-excludekeyword [...]]] (e.g. branch:MAIN sys/arch/arm, if_wm.c@1.234 )


[ 1 ]


switch to index mode

recent branches: MAIN (7h)  netbsd-10 (18d)  netbsd-9 (18d)  netbsd-8 (23d) 

2024-06-04 02:46:51 UTC Now

2014-01-07 07:41:59 UTC MAIN commitmail json YAML

xsrc/external/mit/libXfont/dist/src/bitmap/bdfread.c@1.2 / diff / nxr@1.2

CVS-2013-6462:
From aeabb3efa6905e11c479e2e5319f2b6b3ab22009 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Mon, 23 Dec 2013 18:34:02 -0800
Subject: [PATCH:libXfont 1/2] CVE-2013-XXXX: unlimited sscanf can overflow
stack buffer in bdfReadCharacters()

Fixes cppcheck warning:
[lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
  scanf without field width limits can crash with huge input data.

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
Reviewed-by: Matthieu Herrb <matthieu@herrb.eu>
Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
---
src/bitmap/bdfread.c |    2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

(wiz)

[ 1 ]