[dt] fix possible security problem with malformed message format
okozina
okozina at fedoraproject.org
Wed Dec 4 13:51:54 UTC 2013
commit 16dffd455083b41c2d8431a29882927317a27919
Author: Ondrej Kozina <okozina at redhat.com>
Date: Wed Dec 4 14:51:31 2013 +0100
fix possible security problem with malformed message format
dt-17.66-wformat-security.patch | 24 ++++++++++++++++++++++++
dt.spec | 8 +++++++-
2 files changed, 31 insertions(+), 1 deletions(-)
---
diff --git a/dt-17.66-wformat-security.patch b/dt-17.66-wformat-security.patch
new file mode 100644
index 0000000..6c8ae45
--- /dev/null
+++ b/dt-17.66-wformat-security.patch
@@ -0,0 +1,24 @@
+diff -rupN dt.d.old/dt.c dt.d/dt.c
+--- dt.d.old/dt.c 2012-06-22 21:05:40.000000000 +0200
++++ dt.d/dt.c 2013-12-04 14:36:12.913727265 +0100
+@@ -4507,7 +4507,7 @@ report_error(
+ (void)sprintf(msg_buffer, "(%d): '%s', errno = %d - %s\n",
+ process_id, error_info, errno, emsg);
+ }
+- syslog(LOG_ERR, msg_buffer);
++ syslog(LOG_ERR, "%s", msg_buffer);
+ }
+ #endif /* defined(SYSLOG) */
+
+diff -rupN dt.d.old/dtutil.c dt.d/dtutil.c
+--- dt.d.old/dtutil.c 2012-06-06 19:20:23.000000000 +0200
++++ dt.d/dtutil.c 2013-12-04 14:36:36.729650286 +0100
+@@ -5322,7 +5322,7 @@ ReportDeviceInfo (
+ } else {
+ bp += Sprintf(bp, "\n");
+ }
+- syslog(LOG_ERR, msg_buffer);
++ syslog(LOG_ERR, "%s", msg_buffer);
+ }
+ #endif /* defined(SYSLOG) */
+
diff --git a/dt.spec b/dt.spec
index c3379bb..53b804d 100644
--- a/dt.spec
+++ b/dt.spec
@@ -1,6 +1,6 @@
Name: dt
Version: 17.66
-Release: 4%{?dist}
+Release: 5%{?dist}
Summary: Generic data test program
Group: Applications/System
@@ -10,6 +10,7 @@ URL: http://www.scsifaq.org/RMiller_Tools/dt.html
# kindly provided by author himself
Source0: http://dl.dropbox.com/u/32363629/Datatest/dt-source-v%{version}.tar.gz
Patch0: dt-17.66-manpage.patch
+Patch1: dt-17.66-wformat-security.patch
%description
dt is a generic data test program used to verify proper operation of
@@ -35,6 +36,7 @@ scripts and config data are installed in %{_datadir}/%{name}.
%prep
%setup -q -n dt.d
%patch0 -p1
+%patch1 -p1
%build
make %{?_smp_mflags} CFLAGS="%{optflags} -DAIO -DFIFO -DMMAP -D__linux__ -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -DTHREADS" -f Makefile.linux
@@ -57,6 +59,10 @@ install -m644 html/* $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/html
%{_mandir}/man8/%{name}.*.gz
%changelog
+* Wed Dec 04 2013 Ondrej Kozina <okozina at redhat.com> - 17.66-5
+- fix possible security problem with malformed message format
+- Resolves: #1037043
+
* Mon Aug 05 2013 Ondrej Kozina <okozina at redhat.com> - 17.66-4
- remove version suffix from all install directives related to documentation (reflects recent change in %doc macro)
More information about the scm-commits
mailing list