netpbm/netpbm-format-security.patch

82 lines
3.4 KiB
Diff
Raw Normal View History

diff -Naur netpbm-10.61.02.orig/converter/pbm/cmuwmtopbm.c netpbm-10.61.02/converter/pbm/cmuwmtopbm.c
--- netpbm-10.61.02.orig/converter/pbm/cmuwmtopbm.c 2014-04-14 16:25:31.000000000 +0200
+++ netpbm-10.61.02/converter/pbm/cmuwmtopbm.c 2014-04-14 17:05:23.049000000 +0200
@@ -48,20 +48,20 @@
rc = pm_readbiglong(ifP, &l);
if (rc == -1 )
- pm_error(initReadError);
+ pm_error("%s", initReadError);
if ((uint32_t)l != cmuwmMagic)
pm_error("bad magic number in CMU window manager file");
rc = pm_readbiglong(ifP, &l);
if (rc == -1)
- pm_error(initReadError);
+ pm_error("%s", initReadError);
*colsP = l;
rc = pm_readbiglong(ifP, &l);
if (rc == -1 )
- pm_error(initReadError);
+ pm_error("%s", initReadError);
*rowsP = l;
rc = pm_readbigshort(ifP, &s);
if (rc == -1)
- pm_error(initReadError);
+ pm_error("%s", initReadError);
*depthP = s;
}
diff -Naur netpbm-10.61.02.orig/converter/other/tifftopnm.c netpbm-10.61.02/converter/other/tifftopnm.c
--- netpbm-10.61.02.orig/converter/other/tifftopnm.c 2014-04-14 17:06:26.000000000 +0200
+++ netpbm-10.61.02/converter/other/tifftopnm.c 2014-04-14 17:09:55.731000000 +0200
@@ -1459,7 +1459,7 @@
int ok;
ok = TIFFRGBAImageOK(tif, emsg);
if (!ok) {
- pm_message(emsg);
+ pm_message("%s", emsg);
*statusP = CONV_UNABLE;
} else {
uint32 * raster;
@@ -1479,14 +1479,14 @@
ok = TIFFRGBAImageBegin(&img, tif, stopOnErrorFalse, emsg);
if (!ok) {
- pm_message(emsg);
+ pm_message("%s", emsg);
*statusP = CONV_FAILED;
} else {
int ok;
ok = TIFFRGBAImageGet(&img, raster, cols, rows);
TIFFRGBAImageEnd(&img) ;
if (!ok) {
- pm_message(emsg);
+ pm_message("%s", emsg);
*statusP = CONV_FAILED;
} else {
*statusP = CONV_DONE;
diff -Naur netpbm-10.61.02.orig/converter/other/fiasco/pnmtofiasco.c netpbm-10.61.02/converter/other/fiasco/pnmtofiasco.c
--- netpbm-10.61.02.orig/converter/other/fiasco/pnmtofiasco.c 2013-02-20 07:31:32.000000000 +0100
+++ netpbm-10.61.02/converter/other/fiasco/pnmtofiasco.c 2014-04-14 17:12:14.995000000 +0200
@@ -170,7 +170,7 @@
return 0;
else
{
- fprintf (stderr, fiasco_get_error_message ());
+ fprintf (stderr, "%s", fiasco_get_error_message ());
fprintf (stderr, "\n");
return 1;
}
diff -Naur netpbm-10.61.02.orig/converter/other/fiasco/params.c netpbm-10.61.02/converter/other/fiasco/params.c
--- netpbm-10.61.02.orig/converter/other/fiasco/params.c 2013-02-20 07:31:32.000000000 +0100
+++ netpbm-10.61.02/converter/other/fiasco/params.c 2014-04-14 17:15:00.067000000 +0200
@@ -656,7 +656,7 @@
fprintf (stderr, "Usage: %s [OPTION]...%s\n", progname,
non_opt_string ? non_opt_string : " ");
if (synopsis != NULL)
- fprintf (stderr, synopsis);
+ fprintf (stderr, "%s", synopsis);
fprintf (stderr, "\n\n");
fprintf (stderr, "Mandatory or optional arguments to long options "
"are mandatory or optional\nfor short options too. "