transfig/transfig-3.2.5d-CVE-2009-4227.patch

26 lines
762 B
Diff

From 824eff7e2ce2b1a64ec1406a04aeedf10456e9da Mon Sep 17 00:00:00 2001
From: Kamil Dudka <kdudka@redhat.com>
Date: Thu, 9 Aug 2012 16:46:34 +0200
Subject: [PATCH] read_textobject: limit the input when reading to a fixed-size buffer
---
fig2dev/read1_3.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/fig2dev/read1_3.c b/fig2dev/read1_3.c
index 28951e8..5b9d770 100644
--- a/fig2dev/read1_3.c
+++ b/fig2dev/read1_3.c
@@ -451,7 +451,7 @@ FILE *fp;
t->pen = 0;
t->angle = 0.0;
t->next = NULL;
- n = fscanf(fp," %d %lf %d %lf %lf %d %d %[^\n]", &t->font,
+ n = fscanf(fp," %d %lf %d %lf %lf %d %d %127[^\n]", &t->font,
&t->size, &t->flags, &t->height, &t->length,
&t->base_x, &t->base_y, buf);
if (n != 8) {
--
1.7.1