[freewrl] fix format-security issue
Tom Callaway
spot at fedoraproject.org
Tue Dec 3 15:53:43 UTC 2013
commit 0b63ddb68351f26f67a289ef833efc344e06d164
Author: Tom Callaway <spot at fedoraproject.org>
Date: Tue Dec 3 10:53:38 2013 -0500
fix format-security issue
freewrl-1.22.13-format-security-fix.patch | 12 ++++++++++++
freewrl.spec | 15 ++++++---------
2 files changed, 18 insertions(+), 9 deletions(-)
---
diff --git a/freewrl-1.22.13-format-security-fix.patch b/freewrl-1.22.13-format-security-fix.patch
new file mode 100644
index 0000000..6f41440
--- /dev/null
+++ b/freewrl-1.22.13-format-security-fix.patch
@@ -0,0 +1,12 @@
+diff -up freewrl-1.22.13/src/lib/main/ConsoleMessage.c.format-security freewrl-1.22.13/src/lib/main/ConsoleMessage.c
+--- freewrl-1.22.13/src/lib/main/ConsoleMessage.c.format-security 2013-12-03 10:31:01.132222031 -0500
++++ freewrl-1.22.13/src/lib/main/ConsoleMessage.c 2013-12-03 10:33:18.232054080 -0500
+@@ -327,7 +327,7 @@ int fwvsnprintf(char *buffer,int buffer_
+
+ if (j) {
+ format[j] = '\0';
+- count += sprintf(tempbuf, format);/* printf it verbatim */
++ count += sprintf(tempbuf, "%s", format);/* printf it verbatim */
+ fmt += j;
+ } else {
+ for (j = 0; !isalpha(fmt[j]); j++) { /* find end of format specifier */
diff --git a/freewrl.spec b/freewrl.spec
index 5562f04..cc3b9bf 100644
--- a/freewrl.spec
+++ b/freewrl.spec
@@ -2,13 +2,14 @@
Name: freewrl
Version: %{basever}.1
-Release: 10%{?dist}
+Release: 11%{?dist}
Summary: X3D / VRML visualization program
Group: Applications/Internet
License: LGPLv3+
URL: http://freewrl.sourceforge.net
Source0: http://sourceforge.net/projects/freewrl/files/freewrl-linux/1.22/%{name}-%{version}.tar.bz2
Source1: README.FreeWRL.java
+Patch0: freewrl-1.22.13-format-security-fix.patch
BuildRequires: zlib-devel, freetype-devel, fontconfig-devel
BuildRequires: imlib2-devel, nspr-devel, xulrunner-devel, js-devel
BuildRequires: expat-devel, libXxf86vm-devel, libX11-devel, libXext-devel
@@ -69,14 +70,7 @@ browser plugin for Firefox (and other xulrunner compatible browsers).
%prep
%setup -q -n %{name}-%{basever}
-# %patch0 -p1 -b .xul13
-# %patch1 -p1 -b .noJS_FinalizeStub
-# %patch2 -p1 -b .noMaybeGC
-# %patch3 -p1 -b .NewGlobalObject
-# %patch4 -p1 -b .jsgp
-# %patch5 -p1 -b .wrappers
-# %patch6 -p1 -b .nojsco
-# %patch7 -p1 -b .jsnvv
+%patch0 -p1 -b .format-security
cp %{SOURCE1} .
# Don't need it.
rm -rf appleOSX/
@@ -150,6 +144,9 @@ chrpath --delete %{buildroot}%{_libdir}/libFreeWRLEAI.so.*
%{_libdir}/mozilla/plugins/libFreeWRLplugin.so
%changelog
+* Tue Dec 3 2013 Tom Callaway <spot at fedoraproject.org> - 1.22.13.1-11
+- fix error with -Werror=format-security
+
* Mon Nov 18 2013 Dave Airlie <airlied at redhat.com> - 1.22.13.1-10
- rebuilt for GLEW 1.10
More information about the scm-commits
mailing list