blob: 78be8b311557819d7547b672ccf9894c4babda92 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
$NetBSD: patch-ae,v 1.1 2005/10/30 17:58:58 salo Exp $
Security fix for CVE-2005-3178, from Debian.
--- reduce.c.orig 1999-10-25 04:15:02.000000000 +0200
+++ reduce.c 2005-10-30 18:49:53.000000000 +0100
@@ -178,7 +178,8 @@
/* get destination image */
depth = colorsToDepth(OutColors);
new_image = newRGBImage(image->width, image->height, depth);
- sprintf(buf, "%s (%d colors)", image->title, OutColors);
+ snprintf(buf, BUFSIZ, "%s (%d colors)", image->title, OutColors);
+ buf[BUFSIZ-1] = '\0';
new_image->title = dupString(buf);
new_image->gamma = image->gamma;
|
