diff options
Diffstat (limited to 'media-libs/t1lib/files/t1lib-5.0.2-SA26241_buffer_overflow.patch')
| -rw-r--r-- | media-libs/t1lib/files/t1lib-5.0.2-SA26241_buffer_overflow.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/media-libs/t1lib/files/t1lib-5.0.2-SA26241_buffer_overflow.patch b/media-libs/t1lib/files/t1lib-5.0.2-SA26241_buffer_overflow.patch new file mode 100644 index 000000000000..766f74cbe624 --- /dev/null +++ b/media-libs/t1lib/files/t1lib-5.0.2-SA26241_buffer_overflow.patch @@ -0,0 +1,20 @@ +http://secunia.com/advisories/26241/ +http://www.bugtraq.ir/adv/t1lib.txt +https://bugs.gentoo.org/193437 + +diff -Naur t1lib-5.0.2-orig/lib/t1lib/t1env.c t1lib-5.0.2/lib/t1lib/t1env.c +--- t1lib-5.0.2-orig/lib/t1lib/t1env.c 2002-11-27 19:53:11.000000000 -0600 ++++ t1lib-5.0.2/lib/t1lib/t1env.c 2007-09-22 12:57:01.000000000 -0600 +@@ -568,6 +568,12 @@ + #endif + strcat( pathbuf, DIRECTORY_SEP); + /* And finally the filename: */ ++ /* If current pathbuf + StrippedName + 1 byte for NULL is bigger than pathbuf ++ * let's try next pathbuf */ ++ if( strlen(pathbuf) + strlen(StrippedName) + 1 > sizeof(pathbuf) ) { ++ i++; ++ continue; ++ } + strcat( pathbuf, StrippedName); + + /* Check for existence of the path: */ |