summaryrefslogtreecommitdiff
path: root/graphics/xli/patch-af
diff options
context:
space:
mode:
Diffstat (limited to 'graphics/xli/patch-af')
-rw-r--r--graphics/xli/patch-af40
1 files changed, 40 insertions, 0 deletions
diff --git a/graphics/xli/patch-af b/graphics/xli/patch-af
new file mode 100644
index 0000000000..7e4565ee9b
--- /dev/null
+++ b/graphics/xli/patch-af
@@ -0,0 +1,40 @@
+$NetBSD: patch-af,v 1.1 2005/10/30 17:58:58 salo Exp $
+
+Security fix for CVE-2005-3178, from Debian.
+
+--- zoom.c.orig 2005-02-28 01:42:39.000000000 +0100
++++ zoom.c 2005-10-30 18:50:04.000000000 +0100
+@@ -52,28 +52,29 @@
+ if (verbose)
+ printf(" Zooming image Y axis by %d%%...", yzoom);
+ if (changetitle)
+- sprintf(buf, "%s (Y zoom %d%%)", oimage->title, yzoom);
++ snprintf(buf, BUFSIZ, "%s (Y zoom %d%%)", oimage->title, yzoom);
+ }
+ else if (!yzoom) {
+ if (verbose)
+ printf(" Zooming image X axis by %d%%...", xzoom);
+ if (changetitle)
+- sprintf(buf, "%s (X zoom %d%%)", oimage->title, xzoom);
++ snprintf(buf, BUFSIZ, "%s (X zoom %d%%)", oimage->title, xzoom);
+ }
+ else if (xzoom == yzoom) {
+ if (verbose)
+ printf(" Zooming image by %d%%...", xzoom);
+ if (changetitle)
+- sprintf(buf, "%s (%d%% zoom)", oimage->title, xzoom);
++ snprintf(buf, BUFSIZ, "%s (%d%% zoom)", oimage->title, xzoom);
+ }
+ else {
+ if (verbose)
+ printf(" Zooming image X axis by %d%% and Y axis by %d%%...",
+ xzoom, yzoom);
+ if (changetitle)
+- sprintf(buf, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
++ snprintf(buf, BUFSIZ, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
+ xzoom, yzoom);
+ }
++ buf[BUFSIZ-1] = '\0';
+ if (!changetitle)
+ strcpy(buf,oimage->title);
+