Hello community,

here is the log from the commit of package desktop-file-utils for 
openSUSE:Factory checked in at 2016-05-20 11:55:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/desktop-file-utils (Old)
 and      /work/SRC/openSUSE:Factory/.desktop-file-utils.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "desktop-file-utils"

Changes:
--------
--- /work/SRC/openSUSE:Factory/desktop-file-utils/desktop-file-utils.changes    
2015-03-25 21:03:24.000000000 +0100
+++ 
/work/SRC/openSUSE:Factory/.desktop-file-utils.new/desktop-file-utils.changes   
    2016-05-20 11:55:30.000000000 +0200
@@ -1,0 +2,6 @@
+Mon May  9 21:03:33 CEST 2016 - [email protected]
+
+- Add desktop-file-utils-fdo94303-fix-buffer-over-read.patch
+  (fdo#94303).
+
+-------------------------------------------------------------------

New:
----
  desktop-file-utils-fdo94303-fix-buffer-over-read.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ desktop-file-utils.spec ++++++
--- /var/tmp/diff_new_pack.mxgRqr/_old  2016-05-20 11:55:31.000000000 +0200
+++ /var/tmp/diff_new_pack.mxgRqr/_new  2016-05-20 11:55:31.000000000 +0200
@@ -1,7 +1,7 @@
 #
 # spec file for package desktop-file-utils
 #
-# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2016 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -33,6 +33,7 @@
 # PATCH-UPSTREAM -- add Cinnamon and EDE desktop environments
 Patch2:         U_add-Cinnamon-desktop-environment_50271fe.patch
 Patch3:         U_add-EDE-desktop-environment_97d6ba3.patch
+Patch4:         desktop-file-utils-fdo94303-fix-buffer-over-read.patch
 BuildRequires:  glib2-devel
 BuildRequires:  pkg-config
 BuildRequires:  xz
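Review bot: The new `Patch4:` line has no descriptive comment of its own, so it reads as if it belongs to the "add Cinnamon and EDE desktop environments" comment above `Patch2:`. This is the one patch in the set that fixes a memory-safety bug, so it should be traceable from the spec file alone. I would add a line directly above it, such as `# PATCH-FIX-UPSTREAM desktop-file-utils-fdo94303-fix-buffer-over-read.patch fdo#94303 -- fix buffer over-read on incomplete escape sequence in Exec validation`.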
@@ -53,6 +54,7 @@
 %patch1 -p1
 %patch2 -p1
 %patch3 -p1
+%patch4 -p1
 
 %build
 %configure \

++++++ desktop-file-utils-fdo94303-fix-buffer-over-read.patch ++++++
>From cddcd6612b66cb3963920b5f2734850a217d7020 Mon Sep 17 00:00:00 2001
From: Hans Petter Jansson <[email protected]>
Date: Mon, 29 Feb 2016 01:50:14 +0100
Subject: [PATCH] validate: Fix buffer over-read on incomplete escape sequence.

https://bugs.freedesktop.org/show_bug.cgi?id=94303
---
 src/validate.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/src/validate.c b/src/validate.c
index b4b752e..7403c18 100644
--- a/src/validate.c
+++ b/src/validate.c
@@ -1225,6 +1225,16 @@ handle_exec_key (kf_validator *kf,
         break;
       case '\\':
         PRINT_INVALID_IF_FLAG;
+
+        /* Escape character immediately followed by \0? */
+        if (*(c + 1) == '\0') {
+          print_fatal (kf, "value \"%s\" for key \"%s\" in group \"%s\" "
+                           "ends in an incomplete escape sequence\n",
+                           value, locale_key, kf->current_group);
+          retval = FALSE;
+          break;
+        }
+
         c++;
         if (*c == '\\' && in_quote)
           escaped = !escaped;
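Review bot: The early `break` in the `case '\\':` branch only prevents the over-read if the enclosing loop then advances `c` by exactly one and re-tests `*c`, and that loop lies outside this hunk. The comment should record that dependency, e.g. `/* Leave c on the backslash so the loop's own step lands on the terminating NUL, not past it. */`. Any other branch of this switch that advances `c` before the loop step would presumably need the same look-ahead test; that cannot be confirmed from the visible lines. The patch also adds no regression input. A desktop file whose Exec value ends in a single backslash, validated under AddressSanitizer or valgrind in the test suite, would catch a reintroduction.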
-- 
1.8.4.5

