[libsmi] format-security fixes
Tom Callaway
spot at fedoraproject.org
Tue Dec 3 19:00:33 UTC 2013
commit 670aa47ff88471b7c47c7308742048eef2ff21a1
Author: Tom Callaway <spot at fedoraproject.org>
Date: Tue Dec 3 14:00:30 2013 -0500
format-security fixes
libsmi-0.4.8-format-security-fix.patch | 21 +++++++++++++++++++++
libsmi.spec | 2 ++
2 files changed, 23 insertions(+), 0 deletions(-)
---
diff --git a/libsmi-0.4.8-format-security-fix.patch b/libsmi-0.4.8-format-security-fix.patch
new file mode 100644
index 0000000..85c5de1
--- /dev/null
+++ b/libsmi-0.4.8-format-security-fix.patch
@@ -0,0 +1,21 @@
+diff -up libsmi-0.4.8/tools/dump-tree.c.format-security libsmi-0.4.8/tools/dump-tree.c
+--- libsmi-0.4.8/tools/dump-tree.c.format-security 2013-12-03 13:57:07.138165398 -0500
++++ libsmi-0.4.8/tools/dump-tree.c 2013-12-03 13:57:29.024137637 -0500
+@@ -117,7 +117,7 @@ static void fprintIndex(FILE *f, SmiNode
+ smiElement; smiElement = smiGetNextElement(smiElement), i++) {
+ if (i > 0) fprintf(f, ",");
+ if (indexname) {
+- fprintf(f, indexname);
++ fprintf(f, "%s", indexname);
+ }
+ indexname = smiGetElementNode(smiElement)->name;
+ }
+@@ -143,7 +143,7 @@ static void fprintObjects(FILE *f, SmiNo
+ smiElement = smiGetNextElement(smiElement), i++) {
+ if (i > 0) fprintf(f, ",");
+ if (objectname) {
+- fprintf(f, objectname);
++ fprintf(f, "%s", objectname);
+ }
+ objectname = smiGetElementNode(smiElement)->name;
+ }
diff --git a/libsmi.spec b/libsmi.spec
index 76c25ad..2eddc9d 100644
--- a/libsmi.spec
+++ b/libsmi.spec
@@ -12,6 +12,7 @@ Source2: IETF-MIB-LICENSE.txt
Patch0: libsmi-0.4.8-wget111.patch
Patch1: libsmi-0.4.8-CVE-2010-2891.patch
Patch2: libsmi-0.4.8-symbols-clash.patch
+Patch3: libsmi-0.4.8-format-security-fix.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
BuildRequires: libtool
@@ -47,6 +48,7 @@ libsmi-based applications.
%patch0 -p1 -b .wget111
%patch1 -p1 -b .CVE-2010-2891
%patch2 -p1 -b .clash
+%patch3 -p1 -b .format-security
cp %{SOURCE2} .
%build
More information about the scm-commits
mailing list