[hydrogen] format-security patch

Brendan Jones bsjones at fedoraproject.org
Wed Dec 11 05:14:03 UTC 2013


commit e4de865b7287eb9c11ff2248b15c323cac7e312a
Author: Brendan Jones <brendan.jones.it at gmail.com>
Date:   Wed Dec 11 06:08:04 2013 +0100

    format-security patch

 hydrogen-format-security.patch |   15 +++++++++++++++
 hydrogen-gcc47.patch           |   34 ----------------------------------
 hydrogen.spec                  |    7 ++++++-
 3 files changed, 21 insertions(+), 35 deletions(-)
---
diff --git a/hydrogen-format-security.patch b/hydrogen-format-security.patch
new file mode 100644
index 0000000..e5f17bf
--- /dev/null
+++ b/hydrogen-format-security.patch
@@ -0,0 +1,15 @@
+diff -Nurp hydrogen-0.9.5.1/libs/hydrogen/src/object.cpp hydrogen-0.9.5.1.mod/libs/hydrogen/src/object.cpp
+--- hydrogen-0.9.5.1/libs/hydrogen/src/object.cpp	2009-09-20 04:04:23.000000000 +0200
++++ hydrogen-0.9.5.1.mod/libs/hydrogen/src/object.cpp	2013-12-10 07:18:00.506872464 +0100
+@@ -239,9 +239,9 @@ void* loggerThread_func( void* param )
+ 		QString tmpString;
+ 		for( it = last = queue.begin() ; it != queue.end() ; ++it ) {
+ 			last = it;
+-			printf( it->toLocal8Bit() );
++			printf("%s", qPrintable(it->toLocal8Bit()));
+ 			if( pLogFile ) {
+-				fprintf( pLogFile, it->toLocal8Bit() );
++				fprintf( pLogFile, "%s", qPrintable(it->toLocal8Bit()));
+ 				fflush( pLogFile );
+ 			}
+ 		}
diff --git a/hydrogen.spec b/hydrogen.spec
index a16478b..e51cabc 100644
--- a/hydrogen.spec
+++ b/hydrogen.spec
@@ -1,7 +1,7 @@
 Summary:      Advanced drum machine for GNU/Linux
 Name:         hydrogen
 Version:      0.9.5.1
-Release:      7%{?dist}
+Release:      8%{?dist}
 URL:          http://www.hydrogen-music.org/
 Source0:      http://downloads.sourceforge.net/%{name}/%{name}-%{version}.tar.gz
 # Remove the "you are using the development version" warning
@@ -11,6 +11,7 @@ Patch1:       hydrogen-devel-warning.patch
 # We need to use pkgconfig to detect lrdf to get the right cflags
 # Temporary patch since upstream already switched from scons to cmake in trunk
 Patch2:       hydrogen-lrdf-pkg.patch
+Patch3:       hydrogen-format-security.patch
 License:      GPLv2+
 
 
@@ -61,6 +62,7 @@ sed -i '/porttime/d' Sconstruct
 %endif
 %patch1 -p1 -b .nodevver
 %patch2 -p1 -b .cflags
+%patch3 -p1 -b .fmt-security
 
 # Workaround due to change in scons behavior. Just a temporary fix since upstream
 # switched to cmake in trunk
@@ -133,6 +135,9 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || :
 
 
 %changelog
+* Wed Dec 11 2013 Brendan Jones <brendan.jones.it at gmail.com> 0.9.5.1-8
+- format-security patch
+
 * Sat Aug 03 2013 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 0.9.5.1-7
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
 


More information about the scm-commits mailing list