summaryrefslogtreecommitdiff
path: root/gnu/packages/patches/a2ps-CVE-2015-8107.patch
diff options
context:
space:
mode:
Diffstat (limited to 'gnu/packages/patches/a2ps-CVE-2015-8107.patch')
-rw-r--r--gnu/packages/patches/a2ps-CVE-2015-8107.patch80
1 files changed, 80 insertions, 0 deletions
diff --git a/gnu/packages/patches/a2ps-CVE-2015-8107.patch b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
new file mode 100644
index 0000000000..5ea35d45da
--- /dev/null
+++ b/gnu/packages/patches/a2ps-CVE-2015-8107.patch
@@ -0,0 +1,80 @@
+https://sources.debian.org/data/main/a/a2ps/1:4.14-2/debian/patches/fix-format-security.diff
+
+Index: b/lib/psgen.c
+===================================================================
+--- a/lib/psgen.c
++++ b/lib/psgen.c
+@@ -232,7 +232,7 @@
+ default:
+ *buf = '\0';
+ ps_escape_char (job, cp[i], buf);
+- output (jdiv, (char *) buf);
++ output (jdiv, "%s", (char *) buf);
+ break;
+ }
+ }
+Index: b/lib/output.c
+===================================================================
+--- a/lib/output.c
++++ b/lib/output.c
+@@ -525,7 +525,7 @@
+ expand_user_string (job, FIRST_FILE (job),
+ (const uchar *) "Expand: requirement",
+ (const uchar *) token));
+- output (dest, expansion);
++ output (dest, "%s", expansion);
+ continue;
+ }
+
+Index: b/lib/parseppd.y
+===================================================================
+--- a/lib/parseppd.y
++++ b/lib/parseppd.y
+@@ -154,7 +154,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+
+ /*
+Index: b/src/parsessh.y
+===================================================================
+--- a/src/parsessh.y
++++ b/src/parsessh.y
+@@ -740,7 +740,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, sshfilename, sshlineno, msg);
++ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+
+ /*
+Index: b/lib/parseppd.c
+===================================================================
+--- a/lib/parseppd.c
++++ b/lib/parseppd.c
+@@ -1707,7 +1707,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, ppdfilename, ppdlineno, msg);
++ error_at_line (1, 0, ppdfilename, ppdlineno, "%s", msg);
+ }
+
+ /*
+Index: b/src/parsessh.c
+===================================================================
+--- a/src/parsessh.c
++++ b/src/parsessh.c
+@@ -2639,7 +2639,7 @@
+ void
+ yyerror (const char *msg)
+ {
+- error_at_line (1, 0, sshfilename, sshlineno, msg);
++ error_at_line (1, 0, sshfilename, sshlineno, "%s", msg);
+ }
+
+ /*
generated by cgit v1.2.3 (git 2.25.4) at 2024-06-16 03:04:44 +0000