[libsmi] format-security fixes

Tom Callaway spot at fedoraproject.org
Tue Dec 3 19:00:33 UTC 2013 

commit 670aa47ff88471b7c47c7308742048eef2ff21a1
Author: Tom Callaway <spot at fedoraproject.org>
Date:   Tue Dec 3 14:00:30 2013 -0500

    format-security fixes

 libsmi-0.4.8-format-security-fix.patch |   21 +++++++++++++++++++++
 libsmi.spec                            |    2 ++
 2 files changed, 23 insertions(+), 0 deletions(-)
---
diff --git a/libsmi-0.4.8-format-security-fix.patch b/libsmi-0.4.8-format-security-fix.patch
new file mode 100644
index 0000000..85c5de1
--- /dev/null
+++ b/libsmi-0.4.8-format-security-fix.patch
@@ -0,0 +1,21 @@
+diff -up libsmi-0.4.8/tools/dump-tree.c.format-security libsmi-0.4.8/tools/dump-tree.c
+--- libsmi-0.4.8/tools/dump-tree.c.format-security	2013-12-03 13:57:07.138165398 -0500
++++ libsmi-0.4.8/tools/dump-tree.c	2013-12-03 13:57:29.024137637 -0500
+@@ -117,7 +117,7 @@ static void fprintIndex(FILE *f, SmiNode
+ 	 smiElement; smiElement = smiGetNextElement(smiElement), i++) {
+ 	if (i > 0) fprintf(f, ",");
+ 	if (indexname) {
+-	    fprintf(f, indexname);
++	    fprintf(f, "%s", indexname);
+ 	}
+ 	indexname = smiGetElementNode(smiElement)->name;
+     }
+@@ -143,7 +143,7 @@ static void fprintObjects(FILE *f, SmiNo
+ 	 smiElement = smiGetNextElement(smiElement), i++) {
+ 	if (i > 0) fprintf(f, ",");
+ 	if (objectname) {
+-	    fprintf(f, objectname);
++	    fprintf(f, "%s", objectname);
+ 	}
+ 	objectname = smiGetElementNode(smiElement)->name;
+     }
diff --git a/libsmi.spec b/libsmi.spec
index 76c25ad..2eddc9d 100644
--- a/libsmi.spec
+++ b/libsmi.spec
@@ -12,6 +12,7 @@ Source2:	IETF-MIB-LICENSE.txt
 Patch0:		libsmi-0.4.8-wget111.patch
 Patch1:		libsmi-0.4.8-CVE-2010-2891.patch
 Patch2:		libsmi-0.4.8-symbols-clash.patch
+Patch3:		libsmi-0.4.8-format-security-fix.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires:  libtool
@@ -47,6 +48,7 @@ libsmi-based applications.
 %patch0 -p1 -b .wget111
 %patch1 -p1 -b .CVE-2010-2891
 %patch2 -p1 -b .clash
+%patch3 -p1 -b .format-security
 cp %{SOURCE2} .
 
 %build

More information about the scm-commits mailing list