fix format-security issues

This commit is contained in:
Dmitry Butskoy 2013-12-03 19:23:21 +04:00
parent e8219acd10
commit 8d7a2fd628
2 changed files with 30 additions and 1 deletions

View File

@ -0,0 +1,24 @@
diff -Nrbu traceroute-2.0.19/libsupp/clif.c traceroute-2.0.19-OK/libsupp/clif.c
--- traceroute-2.0.19/libsupp/clif.c 2007-08-06 19:20:17.000000000 +0400
+++ traceroute-2.0.19-OK/libsupp/clif.c 2013-12-03 19:18:36.100333217 +0400
@@ -792,9 +792,9 @@
if (l > 0) {
memset (buf, ' ', l);
buf[l] = '\0';
- fprintf (stderr, buf);
+ fprintf (stderr, "%s", buf);
} else
- fprintf (stderr, spacer);
+ fprintf (stderr, "%s", spacer);
endp = buf + width;
@@ -833,7 +833,7 @@
*p = '\0';
fprintf (stderr, "%s", buf);
- fprintf (stderr, spacer);
+ fprintf (stderr, "%s", spacer);
p++;
for (s = buf; *p; *s++ = *p++) ;

View File

@ -2,12 +2,13 @@ Summary: Traces the route taken by packets over an IPv4/IPv6 network
Name: traceroute
Epoch: 3
Version: 2.0.19
Release: 4%{?dist}
Release: 5%{?dist}
Group: Applications/Internet
License: GPLv2+
URL: http://traceroute.sourceforge.net
Source0: http://downloads.sourceforge.net/project/traceroute/traceroute/traceroute-%{version}/traceroute-%{version}.tar.gz
Patch0: traceroute-2.0.19-man.patch
Patch1: traceroute-2.0.19-printf.patch
Provides: tcptraceroute = 1.5-1
Obsoletes: tcptraceroute < 1.5-1
@ -28,6 +29,7 @@ problems.
%prep
%setup -q
%patch0 -p1
%patch1 -p1
%build
@ -61,6 +63,9 @@ popd
%changelog
* Tue Dec 3 2013 Dmitry Butskoy <Dmitry@Butskoy.name> - 3:2.0.19-5
- fix format-security issue (#1037363)
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 3:2.0.19-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild