Module Name:    xsrc
Committed By:   wiz
Date:           Tue Jan  7 07:43:16 UTC 2014

Modified Files:
        xsrc/xfree/xc/lib/font/bitmap: bdfread.c

Log Message:
CVE-2013-6462:
From aeabb3efa6905e11c479e2e5319f2b6b3ab22009 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersm...@oracle.com>
Date: Mon, 23 Dec 2013 18:34:02 -0800
Subject: [PATCH:libXfont 1/2] CVE-2013-XXXX: unlimited sscanf can overflow
 stack buffer in bdfReadCharacters()

Fixes cppcheck warning:
 [lib/libXfont/src/bitmap/bdfread.c:341]: (warning)
  scanf without field width limits can crash with huge input data.

Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com>
Reviewed-by: Matthieu Herrb <matth...@herrb.eu>
Reviewed-by: Jeremy Huddleston Sequoia <jerem...@apple.com>
---
 src/bitmap/bdfread.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


To generate a diff of this commit:
cvs rdiff -u -r1.2 -r1.3 xsrc/xfree/xc/lib/font/bitmap/bdfread.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: xsrc/xfree/xc/lib/font/bitmap/bdfread.c
diff -u xsrc/xfree/xc/lib/font/bitmap/bdfread.c:1.2 xsrc/xfree/xc/lib/font/bitmap/bdfread.c:1.3
--- xsrc/xfree/xc/lib/font/bitmap/bdfread.c:1.2	Tue Apr  3 20:10:34 2007
+++ xsrc/xfree/xc/lib/font/bitmap/bdfread.c	Tue Jan  7 07:43:16 2014
@@ -340,7 +340,7 @@ bdfReadCharacters(FontFilePtr file, Font
 	char        charName[100];
 	int         ignore;
 
-	if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
+	if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
 	    bdfError("bad character name in BDF file\n");
 	    goto BAILOUT;	/* bottom of function, free and return error */
 	}
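Review bot: the `%99s` width matches `char charName[100]` declared at the top of this hunk (99 characters plus the terminating NUL), so the overflow is closed, but the bound is now duplicated as a literal in the format string with nothing tying it to the array size; if `charName` is ever resized, the format must be updated by hand or the overflow returns. Consider deriving the width from `sizeof(charName)` through a stringifying macro, or at least adding a comment next to the declaration noting the coupling. Also worth documenting: with a field width, an over-long STARTCHAR name is silently truncated to 99 characters rather than rejected, since `sscanf` still returns 1 and the `!= 1` check does not fire.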
