The following commit has been merged in the master branch:
commit f690e0d7c001fc83040a756e8913814e31d48e79
Author: Stephen Kitt <[email protected]>
Date: Wed Sep 28 00:26:13 2011 +0200
Always use a format string with sprintf() (closes: #643397).
diff --git a/debian/changelog b/debian/changelog
index 50992b0..74250b3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+gnurobbo (0.66+dfsg-2) unstable; urgency=low
+
+ * Always use a format string with sprintf() (closes: #643397).
+
+ -- Stephen Kitt <[email protected]> Wed, 28 Sep 2011 00:02:45 +0200
+
gnurobbo (0.66+dfsg-1) unstable; urgency=low
* New upstream version.
diff --git a/debian/patches/format-security.patch
b/debian/patches/format-security.patch
new file mode 100644
index 0000000..22e70d3
--- /dev/null
+++ b/debian/patches/format-security.patch
@@ -0,0 +1,245 @@
+Description: Always use a format string with sprintf()
+Author: Stephen Kitt <[email protected]>
+Forwarded:
https://sourceforge.net/tracker/?func=detail&aid=3414732&group_id=64186&atid=506596
+Last-Update: 2011-09-27
+
+--- gnurobbo.orig/konstruktor.c
++++ gnurobbo/konstruktor.c
+@@ -245,7 +245,7 @@
+ else if (level.w == 32 && level.h == 31)
+ gsize = 1;
+ inforedraw = 1;
+- sprintf(infostring, txt_konstruktor_Welcome_to_GNU_Robbo_Designer);
++ sprintf(infostring, "%s", txt_konstruktor_Welcome_to_GNU_Robbo_Designer);
+ robbo.keys = k_count_obj(KEY); /* count keys on a map */
+ robbo.bullets = k_count_obj(BULLET) * 9; /* count bullets */
+ game_area.redraw = REDRAW_EVERYTHING;
+@@ -654,12 +654,12 @@
+ nx = nx + k_view.x;
+ ny = ny + k_view.y;
+ if (selected != -1) {
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+ " ");
+ inforedraw = 1;
+ if (K_icons[selected].game_obj == ROBBO) {
+ redraw_field(robbo.x, robbo.y);
+- sprintf(infostring, "Robbo");
++ sprintf(infostring, "%s", "Robbo");
+ }
+ /*
+ * do we try to delete one of the counted objects?
+@@ -686,7 +686,7 @@
+ );
+ switch (K_icons[selected].game_obj) {
+ case GROUND:
+- sprintf(infostring, txt_konstruktor_Ground);
++ sprintf(infostring, "%s", txt_konstruktor_Ground);
+ break;
+ case STOP:
+ sprintf(infostring, "%s (%d %s)",
+@@ -743,7 +743,7 @@
+ txt_konstruktor_on_map);
+ break;
+ case EMPTY_FIELD:
+- sprintf(infostring, txt_konstruktor_Empty_Field);
++ sprintf(infostring, "%s", txt_konstruktor_Empty_Field);
+ break;
+ case BUTTERFLY:
+ sprintf(infostring, "%s (%d %s)",
+@@ -781,9 +781,9 @@
+ case WALL:
+ board[nx][ny].state = wallnumber;
+ if (wallnumber != 3)
+- sprintf(infostring, txt_konstruktor_Wall);
++ sprintf(infostring, "%s", txt_konstruktor_Wall);
+ else
+- sprintf(infostring, txt_konstruktor_Black_Wall);
++ sprintf(infostring, "%s", txt_konstruktor_Black_Wall);
+ break;
+ case TELEPORT:
+ board[nx][ny].teleportnumber = teleportnr;
+@@ -883,7 +883,7 @@
+ break;
+ case K_RELOAD:
+ if (cnt == lastselected) {
+- sprintf(infostring, txt_konstruktor_Level_reloaded);
++ sprintf(infostring, "%s", txt_konstruktor_Level_reloaded);
+ clear_screen();
+ level_init();
+ konstruktor_viewport_init();
+@@ -901,7 +901,7 @@
+ k_redraw_all();
+ cnt = -1;
+ } else {
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+ txt_konstruktor_Reload_level_select_again_to_reload);
+ lastclick = 50;
+ };
+@@ -929,7 +929,7 @@
+ inforedraw = 1;
+ break;
+ case ROBBO:
+- sprintf(infostring, "Robbo");
++ sprintf(infostring, "%s", "Robbo");
+ inforedraw = 1;
+ break;
+ case GUN:
+@@ -1026,16 +1026,16 @@
+ inforedraw = 1;
+ break;
+ case EMPTY_FIELD:
+- sprintf(infostring, txt_konstruktor_Empty_Field);
++ sprintf(infostring, "%s", txt_konstruktor_Empty_Field);
+ inforedraw = 1;
+ break;
+ case WALL:
+ if (cnt == selected)
+ wallnumber = (wallnumber + 1) % 9;
+ if (wallnumber != 3)
+- sprintf(infostring, txt_konstruktor_Wall);
++ sprintf(infostring, "%s", txt_konstruktor_Wall);
+ else
+- sprintf(infostring, txt_konstruktor_Black_Wall);
++ sprintf(infostring, "%s", txt_konstruktor_Black_Wall);
+ inforedraw = 1;
+ break;
+ case K_LASER:
+@@ -1056,7 +1056,7 @@
+ teleportnr = (teleportnr % 11) + 1;
+ break;
+ case GROUND:
+- sprintf(infostring, txt_konstruktor_Ground);
++ sprintf(infostring, "%s", txt_konstruktor_Ground);
+ inforedraw = 1;
+ break;
+ case BIRD:
+@@ -1079,16 +1079,16 @@
+ direction = (direction + 1) % 4;
+ switch (direction) {
+ case 0:
+- sprintf(infostring, txt_konstruktor_Direction_right);
++ sprintf(infostring, "%s", txt_konstruktor_Direction_right);
+ break;
+ case 1:
+- sprintf(infostring, txt_konstruktor_Direction_down);
++ sprintf(infostring, "%s", txt_konstruktor_Direction_down);
+ break;
+ case 2:
+- sprintf(infostring, txt_konstruktor_Direction_left);
++ sprintf(infostring, "%s", txt_konstruktor_Direction_left);
+ break;
+ case 3:
+- sprintf(infostring, txt_konstruktor_Direction_up);
++ sprintf(infostring, "%s", txt_konstruktor_Direction_up);
+ break;
+ }
+ inforedraw = 1;
+@@ -1097,13 +1097,13 @@
+ ltype = (ltype + 1) % 3;
+ switch (ltype) {
+ case 0:
+- sprintf(infostring, txt_konstruktor_Laser_Gun);
++ sprintf(infostring, "%s", txt_konstruktor_Laser_Gun);
+ break;
+ case 1:
+- sprintf(infostring, txt_konstruktor_Blaster_Gun);
++ sprintf(infostring, "%s", txt_konstruktor_Blaster_Gun);
+ break;
+ case 2:
+- sprintf(infostring, txt_konstruktor_Regular_Gun);
++ sprintf(infostring, "%s", txt_konstruktor_Regular_Gun);
+ break;
+ }
+ inforedraw = 1;
+@@ -1114,23 +1114,23 @@
+ movable = (rmstate & 1);
+ switch (rmstate) {
+ case 0:
+- sprintf(infostring, txt_konstruktor_Fixed);
++ sprintf(infostring, "%s", txt_konstruktor_Fixed);
+ break;
+ case 1:
+- sprintf(infostring, txt_konstruktor_Moveable);
++ sprintf(infostring, "%s", txt_konstruktor_Moveable);
+ break;
+ case 2:
+- sprintf(infostring, txt_konstruktor_Rotating);
++ sprintf(infostring, "%s", txt_konstruktor_Rotating);
+ break;
+ case 3:
+- sprintf(infostring, txt_konstruktor_Moveable_Rotating);
++ sprintf(infostring, "%s", txt_konstruktor_Moveable_Rotating);
+ break;
+ }
+ inforedraw = 1;
+ break;
+ case K_INSERT:
+ if (lastselected == cnt) {
+- sprintf(infostring, txt_konstruktor_Level_created);
++ sprintf(infostring, "%s", txt_konstruktor_Level_created);
+ insert = 1;
+ /*
+ * Clear board
+@@ -1154,7 +1154,7 @@
+ cnt = -1;
+
+ } else {
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+ txt_konstruktor_New_level_select_again_to_create);
+ lastclick = 50;
+ }
+@@ -1165,7 +1165,7 @@
+ * Clear board
+ */
+ if (lastselected == cnt) {
+- sprintf(infostring, txt_konstruktor_Level_cleared);
++ sprintf(infostring, "%s", txt_konstruktor_Level_cleared);
+ robbo.screws = 0;
+ robbo.keys = 0;
+ robbo.bullets = 0; /* Thunor: I added this as it was
missing */
+@@ -1184,7 +1184,7 @@
+ clear_entire_board();
+ cnt = -1;
+ } else {
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+ txt_konstruktor_Clear_level_select_again_to_clear);
+ lastclick = 50;
+ }
+@@ -1193,9 +1193,9 @@
+ case K_SAVE:
+ if (lastselected == cnt) {
+ if (insert == 1)
+- sprintf(infostring,
txt_konstruktor_New_level_appended_to_pack);
++ sprintf(infostring, "%s",
txt_konstruktor_New_level_appended_to_pack);
+ else
+- sprintf(infostring, txt_konstruktor_Changes_saved);
++ sprintf(infostring, "%s",
txt_konstruktor_Changes_saved);
+ cnt = -1;
+
+ k_save_map();
+@@ -1206,10 +1206,10 @@
+ lastclick = 50;
+
+ if (insert == 1)
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+
txt_konstruktor_Save_select_again_to_save_new_level);
+ else
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+
txt_konstruktor_Save_select_again_to_save_changes);
+ }
+ inforedraw = 1;
+@@ -1275,7 +1275,7 @@
+ konstruktor_end();
+ cnt = -1;
+ } else {
+- sprintf(infostring,
++ sprintf(infostring, "%s",
+ txt_konstruktor_Exit_designer_select_again_to_exit);
+ lastclick = 50; /* very long click is used as
+ * another click */
diff --git a/debian/patches/series b/debian/patches/series
index 5169081..fc50065 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1 +1,2 @@
+format-security.patch
Makefile.diff
--
logic game ported from ATARI XE/XL
_______________________________________________
Pkg-games-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-games-commits
