summaryrefslogtreecommitdiff
path: root/graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c')
-rw-r--r--graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c b/graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c
new file mode 100644
index 00000000000..03a8cf23acc
--- /dev/null
+++ b/graphics/jasper/patches/patch-src_libjasper_pnm_pnm__enc.c
@@ -0,0 +1,16 @@
+$NetBSD: patch-src_libjasper_pnm_pnm__enc.c,v 1.1 2016/05/16 14:03:40 he Exp $
+
+Fix CVE-2008-3520, patches from
+https://bugs.gentoo.org/show_bug.cgi?id=222819
+
+--- src/libjasper/pnm/pnm_enc.c.orig 2007-01-19 21:43:05.000000000 +0000
++++ src/libjasper/pnm/pnm_enc.c
+@@ -374,7 +374,7 @@ static int pnm_putdata(jas_stream_t *out
+ }
+ }
+ } else {
+- n = sprintf(buf, "%s%ld", ((!(!x && !cmptno)) ? " " : ""),
++ n = snprintf(buf, sizeof buf, "%s%ld", ((!(!x && !cmptno)) ? " " : ""),
+ (long) v);
+ if (linelen > 0 && linelen + n > PNM_MAXLINELEN) {
+ jas_stream_printf(out, "\n");
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-13 23:53:37 +0000