Found these during an OpenBSD ports audit - patches are below
against 2.4.14 (but the problems exist in 2.4.16 as well)
--- fvwm/builtins.c.orig Wed Jun 18 03:23:34 2003
+++ fvwm/builtins.c Wed Jun 18 03:23:52 2003
@@ -1472,7 +1472,7 @@ Bool ReadDecorFace(char *s, DecorFace *d
/* some variants of scanf do not increase the assign count when %n is used,
* so a return value of 1 is no error. */
- if (sscanf(s, "%256s%n", style, &offset) < 1)
+ if (sscanf(s, "%255s%n", style, &offset) < 1)
{
if (verbose)
{
--- modules/FvwmGtk/FvwmGtk.c.orig Wed Jun 18 03:24:21 2003
+++ modules/FvwmGtk/FvwmGtk.c Wed Jun 18 03:24:32 2003
@@ -349,7 +349,7 @@ process_message (unsigned long type,
case M_STRING:
SendUnlockNotification(fvwm_fd);
context = body[0]; /* this is tmp_win->w */
- sscanf ((char*) (&body[3]), "%128s %d", name, &button);
+ sscanf ((char*) (&body[3]), "%127s %d", name, &button);
widget = g_hash_table_lookup (widgets, name);
if (!widget)
{
--
Anil Madhavapeddy http://anil.recoil.org
University of Cambridge http://www.cl.cam.ac.uk
--
Visit the official FVWM web page at <URL:http://www.fvwm.org/>.
To unsubscribe from the list, send "unsubscribe fvwm-workers" in the
body of a message to [EMAIL PROTECTED]
To report problems, send mail to [EMAIL PROTECTED]
