media-libs/plib/files/plib-1.8.5-CVE-2012-4552.patch

   1 --- plib-1.8.5/src/ssg/ssgParser.cxx~
   2 +++ plib-1.8.5/src/ssg/ssgParser.cxx
   3 @@ -57,18 +57,16 @@ void _ssgParser::error( const char *form
   4    char msgbuff[ 255 ];
   5    va_list argp;
   6
   7 -  char* msgptr = msgbuff;
   8 -  if (linenum)
   9 -  {
  10 -    msgptr += sprintf ( msgptr,"%s, line %d: ",
  11 -      path, linenum );
  12 -  }
  13 -
  14    va_start( argp, format );
  15 -  vsprintf( msgptr, format, argp );
  16 +  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
  17    va_end( argp );
  18
  19 -  ulSetError ( UL_WARNING, "%s", msgbuff ) ;
  20 +  if (linenum)
  21 +  {
  22 +    ulSetError ( UL_WARNING, "%s, line %d: %s", path, linenum, msgbuff ) ;
  23 +  } else {
  24 +    ulSetError ( UL_WARNING, "%s", msgbuff ) ;
  25 +  }
  26  }
  27
  28
  29 @@ -78,18 +76,16 @@ void _ssgParser::message( const char *fo
  30    char msgbuff[ 255 ];
  31    va_list argp;
  32
  33 -  char* msgptr = msgbuff;
  34 -  if (linenum)
  35 -  {
  36 -    msgptr += sprintf ( msgptr,"%s, line %d: ",
  37 -      path, linenum );
  38 -  }
  39 -
  40    va_start( argp, format );
  41 -  vsprintf( msgptr, format, argp );
  42 +  vsnprintf( msgbuff, sizeof(msgbuff), format, argp );
  43    va_end( argp );
  44
  45 -  ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
  46 +  if (linenum)
  47 +  {
  48 +    ulSetError ( UL_DEBUG, "%s, line %d: %s", path, linenum, msgbuff ) ;
  49 +  } else {
  50 +    ulSetError ( UL_DEBUG, "%s", msgbuff ) ;
  51 +  }
  52  }
  53
  54  // Opens the file and does a few internal calculations based on the spec.