[psfex] Fix formar security bug (bz #1037258)
Sergio Pascual
sergiopr at fedoraproject.org
Thu Dec 5 11:18:42 UTC 2013
commit ad659b967fc60292a1a5f34df4798f684cfb7be0
Author: Sergio Pascual <sergiopr at fis.ucm.es>
Date: Thu Dec 5 12:18:34 2013 +0100
Fix formar security bug (bz #1037258)
- Spec cleanups
psfex-format-sec.patch | 65 ++++++++++++++++++++++++++++++++++++++++++++++++
psfex.spec | 12 +++++---
2 files changed, 72 insertions(+), 5 deletions(-)
---
diff --git a/psfex-format-sec.patch b/psfex-format-sec.patch
new file mode 100644
index 0000000..465861d
--- /dev/null
+++ b/psfex-format-sec.patch
@@ -0,0 +1,65 @@
+diff -ur psfex-3.9.1/src/field.c psfex-3.9.1.format/src/field.c
+--- psfex-3.9.1/src/field.c 2010-11-03 23:08:09.000000000 +0100
++++ psfex-3.9.1.format/src/field.c 2013-12-05 11:51:29.426512559 +0100
+@@ -394,7 +394,7 @@
+
+ cat = new_cat(1);
+ init_cat(cat);
+- sprintf(cat->filename, filename);
++ sprintf(cat->filename, "%s", filename);
+ if (open_cat(cat, WRITE_ONLY) != RETURN_OK)
+ error(EXIT_FAILURE, "*Error*: cannot open for writing ", cat->filename);
+ /* Write primary HDU */
+diff -ur psfex-3.9.1/src/xml.c psfex-3.9.1.format/src/xml.c
+--- psfex-3.9.1/src/xml.c 2010-10-25 20:00:03.000000000 +0200
++++ psfex-3.9.1.format/src/xml.c 2013-12-05 11:56:57.887051460 +0100
+@@ -1201,7 +1201,7 @@
+ name, ucd);
+ break;
+ case P_STRING:
+- sprintf(value, (char *)key[i].ptr);
++ sprintf(value, "%s", (char *)key[i].ptr);
+ fprintf(file, " <PARAM name=\"%s\" datatype=\"char\" arraysize=\"*\""
+ " ucd=\"%s\" value=\"%s\"/>\n",
+ name, ucd, value);
+@@ -1210,13 +1210,13 @@
+ n = *(key[i].nlistptr);
+ if (n)
+ {
+- sprintf(value, ((char **)key[i].ptr)[0]);
++ sprintf(value, "%s", ((char **)key[i].ptr)[0]);
+ fprintf(file, " <PARAM name=\"%s\" datatype=\"char\""
+ " arraysize=\"*\" ucd=\"%s\" value=\"%s",
+ name, ucd, value);
+ for (j=1; j<n; j++)
+ {
+- sprintf(value, ((char **)key[i].ptr)[j]);
++ sprintf(value, "%s", ((char **)key[i].ptr)[j]);
+ fprintf(file, ",%s", value);
+ }
+ fprintf(file, "\"/>\n");
+@@ -1227,7 +1227,7 @@
+ name, ucd);
+ break;
+ case P_KEY:
+- sprintf(value, key[i].keylist[*((int *)key[i].ptr)]);
++ sprintf(value, "%s", key[i].keylist[*((int *)key[i].ptr)]);
+ fprintf(file, " <PARAM name=\"%s\" datatype=\"char\" arraysize=\"*\""
+ " ucd=\"%s\" value=\"%s\"/>\n",
+ name, ucd, value);
+@@ -1236,13 +1236,13 @@
+ n = *(key[i].nlistptr);
+ if (n)
+ {
+- sprintf(value, key[i].keylist[((int *)key[i].ptr)[0]]);
++ sprintf(value, "%s", key[i].keylist[((int *)key[i].ptr)[0]]);
+ fprintf(file, " <PARAM name=\"%s\" datatype=\"char\""
+ " arraysize=\"*\" ucd=\"%s\" value=\"%s",
+ name, ucd, value);
+ for (j=1; j<n; j++)
+ {
+- sprintf(value, key[i].keylist[((int *)key[i].ptr)[j]]);
++ sprintf(value, "%s", key[i].keylist[((int *)key[i].ptr)[j]]);
+ fprintf(file, ",%s", value);
+ }
+ fprintf(file, "\"/>\n");
diff --git a/psfex.spec b/psfex.spec
index b7f64d2..32da160 100644
--- a/psfex.spec
+++ b/psfex.spec
@@ -1,6 +1,6 @@
Name: psfex
Version: 3.9.1
-Release: 9%{?dist}
+Release: 10%{?dist}
Summary: Model the Point Spread Function from FITS images
Group: Applications/Engineering
@@ -9,6 +9,7 @@ URL: http://astromatic.iap.fr/software/%{name}
Source0: http://www.astromatic.net/download/%{name}/%{name}-%{version}.tar.gz
# Change plcol() to plcol0()
Patch0: psfex-plplot.patch
+Patch1: psfex-format-sec.patch
BuildRequires: fftw-devel >= 3.1
BuildRequires: atlas-devel >= 3.6.0
BuildRequires: plplot-devel >= 5.3.1
@@ -22,6 +23,7 @@ morphological analyses.
%prep
%setup -q
%patch0 -p1 -b .plplot
+%patch1 -p1
%if 0%{?fedora} >= 21
# New atlas libs
sed -i -e '/LIBS*=.*atlas/s,=.*,="-L%{_libdir}/atlas -lsatlas",' configure
@@ -35,11 +37,7 @@ make %{?_smp_mflags}
rm -rf %{buildroot}
make DESTDIR=%{buildroot} install
-%clean
-rm -rf %{buildroot}
-
%files
-%defattr(-,root,root,-)
%doc AUTHORS COPYRIGHT HISTORY LICENSE README THANKS doc/psfex.pdf
%{_bindir}/%{name}
%{_mandir}/man1/%{name}.1*
@@ -47,6 +45,10 @@ rm -rf %{buildroot}
%{_datadir}/%{name}/
%changelog
+* Thu Dec 05 2013 Sergio Pascual <sergiopr at fedoraproject.org> - 3.9.1-10
+- Fix formar security bug (bz #1037258)
+- Spec cleanups
+
* Wed Oct 2 2013 Orion Poplawski <orion at cora.nwra.com> - 3.9.1-9
- Rebuild for plplot 5.9.10
- Patch configure for atlas 3.10 library names
More information about the scm-commits
mailing list