Overview

File liblouis-CVE-2023-26768.patch of Package python3-louis.28498

diff -Nura liblouis-2.6.4/liblouis/logging.c liblouis-2.6.4_new/liblouis/logging.c
--- liblouis-2.6.4/liblouis/logging.c	2015-08-31 22:27:50.000000000 +0800
+++ liblouis-2.6.4_new/liblouis/logging.c	2023-04-06 23:06:07.599744037 +0800
@@ -108,15 +108,15 @@
     }
 }
 
+#define FILENAMESIZE 256
 
 static FILE *logFile = NULL;
-static char initialLogFileName[256];
+static char initialLogFileName[FILENAMESIZE] = "";
 
 void EXPORT_CALL
 lou_logFile (const char *fileName)
 {
-  if (fileName == NULL || fileName[0] == 0)
-    return;
+  if (fileName == NULL || fileName[0] == 0 || strlen(fileName) >= FILENAMESIZE) return;
   if (initialLogFileName[0] == 0)
     strcpy (initialLogFileName, fileName);
   logFile = fopen (fileName, "wb");
openSUSE Build Service is sponsored by
Places