1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
$NetBSD: patch-af,v 1.1 2005/10/30 17:58:58 salo Exp $
Security fix for CVE-2005-3178, from Debian.
--- zoom.c.orig 2005-02-28 01:42:39.000000000 +0100
+++ zoom.c 2005-10-30 18:50:04.000000000 +0100
@@ -52,28 +52,29 @@
if (verbose)
printf(" Zooming image Y axis by %d%%...", yzoom);
if (changetitle)
- sprintf(buf, "%s (Y zoom %d%%)", oimage->title, yzoom);
+ snprintf(buf, BUFSIZ, "%s (Y zoom %d%%)", oimage->title, yzoom);
}
else if (!yzoom) {
if (verbose)
printf(" Zooming image X axis by %d%%...", xzoom);
if (changetitle)
- sprintf(buf, "%s (X zoom %d%%)", oimage->title, xzoom);
+ snprintf(buf, BUFSIZ, "%s (X zoom %d%%)", oimage->title, xzoom);
}
else if (xzoom == yzoom) {
if (verbose)
printf(" Zooming image by %d%%...", xzoom);
if (changetitle)
- sprintf(buf, "%s (%d%% zoom)", oimage->title, xzoom);
+ snprintf(buf, BUFSIZ, "%s (%d%% zoom)", oimage->title, xzoom);
}
else {
if (verbose)
printf(" Zooming image X axis by %d%% and Y axis by %d%%...",
xzoom, yzoom);
if (changetitle)
- sprintf(buf, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
+ snprintf(buf, BUFSIZ, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
xzoom, yzoom);
}
+ buf[BUFSIZ-1] = '\0';
if (!changetitle)
strcpy(buf,oimage->title);
|
