From de04caba94413f326113ec50fc71ecd8b512f54a Mon Sep 17 00:00:00 2001
From: Jindrich Novy
Date: Mon, 4 Apr 2005 14:01:57 +0000
Subject: [PATCH] - fix yet another vsprintf buffer overflow (#152963)
---
 nasm-0.98.39-overfl.patch | 11 +++++++++++
 nasm.spec | 7 ++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)
 create mode 100644 nasm-0.98.39-overfl.patch
diff --git a/nasm-0.98.39-overfl.patch b/nasm-0.98.39-overfl.patch
new file mode 100644
index 0000000..a19fbab
--- /dev/null
+++ b/nasm-0.98.39-overfl.patch
@@ -0,0 +1,11 @@
+--- nasm-0.98.39/output/outieee.c.overfl 2005-01-15 23:16:08.000000000 +0100
++++ nasm-0.98.39/output/outieee.c 2005-04-01 12:55:17.231530832 +0200
+@@ -1120,7 +1120,7 @@ static void ieee_putascii(char *format,
+ va_list ap;
+
+ va_start(ap, format);
+- vsprintf(buffer, format, ap);
++ vsnprintf(buffer, sizeof(buffer), format, ap);
+ l = strlen(buffer);
+ for (i = 0; i < l; i++)
+ if ((buffer[i] & 0xff) > 31)
diff --git a/nasm.spec b/nasm.spec
index 46ccb40..3127143 100644
--- a/nasm.spec
+++ b/nasm.spec
@@ -1,8 +1,9 @@
 Summary: A portable x86 assembler which uses Intel-like syntax.
 Name: nasm
 Version: 0.98.39
-Release: 1
+Release: 2
 Patch0: nasm-0.98-boguself2.patch
+Patch1: nasm-0.98.39-overfl.patch
 License: LGPL
 Group: Development/Languages
 Source: http://prdownloads.sourceforge.net/nasm/nasm-%{version}.tar.bz2
@@ -37,6 +38,7 @@ include linker, library manager, loader, and information dump.
 %prep
 %setup
 #%patch0 -p1 -b .boguself
+%patch1 -p1 -b .overfl
 %build
 %configure
@@ -88,6 +90,9 @@ fi
 %{_bindir}/rdx
 %changelog
+* Fri Apr 01 2005 Jindrich Novy 0.98.39-2
+- fix yet another vsprintf buffer overflow (#152963)
+
 * Thu Mar 31 2005 Jindrich Novy 0.98.39-1
 - update to 0.98.39
 - add BuildRequires ghostscript, texinfo to doc subpackage (#110584)
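Review bot: The return value of `vsnprintf` is discarded in the patched `ieee_putascii`, so formatted output longer than `buffer` is now cut short silently and the `strlen` loop that follows writes a truncated record. That removes the overflow, but truncation should be detected and reported rather than emitted as if it were valid output, for example `n = vsnprintf(buffer, sizeof(buffer), format, ap); if (n < 0 || (size_t)n >= sizeof(buffer))` followed by the file's usual error path. `sizeof(buffer)` is the correct bound only if `buffer` is a local array and not a pointer. Its declaration sits above the hunk and should be confirmed, as should a matching `va_end(ap)` further down, since the function body starts and ends outside the lines shown.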