File graphviz-fix_format_string_vulnerability.patch of Package graphviz.7527

commit 99eda421f7ddc27b14e4ac1d2126e5fe41719081
Author: Emden R. Gansner <erg@alum.mit.edu>
Date:   Mon Nov 24 14:32:58 2014 -0500

    Fix format string vulnerability in using agerr() to report errors during parsing.
    We now use a fixed format %s, and pass the error string as an argument.

---
 lib/cgraph/scan.l |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Index: graphviz-2.38.0/lib/cgraph/scan.l
===================================================================
--- graphviz-2.38.0.orig/lib/cgraph/scan.l	2017-11-24 16:24:56.469996227 +0100
+++ graphviz-2.38.0/lib/cgraph/scan.l	2017-11-24 16:26:46.746793587 +0100
@@ -209,6 +209,7 @@ ID		({NAME}|{NUMBER})
 <hstring>([^><\n]*)		addstr(yytext);
 .						return (yytext[0]);
 %%
+ 
 void yyerror(char *str)
 {
 	unsigned char	xbuf[BUFSIZ];
@@ -225,7 +226,7 @@ void yyerror(char *str)
 	agxbput (&xb, buf);
 	agxbput (&xb, yytext);
 	agxbput (&xb,"'\n");
-	agerr(AGERR,agxbuse(&xb));
+	agerr(AGERR,"%s", agxbuse(&xb));
 	agxbfree(&xb);
 }
 /* must be here to see flex's macro defns */
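Review bot: The corrected `agerr` call at the end of `yyerror` has no comment saying why the literal `"%s"` is required, so a later cleanup could fold the buffer back into the format position. The buffer is assembled from `yytext` two lines earlier, which is text taken from the input being scanned, so I would put `/* xb holds yytext (input-derived): pass it as an argument, never as the format string */` directly above the call. The declaration of `agerr` is not visible here; if it lacks a printf-style format attribute, adding one (e.g. `__attribute__((format(printf, 2, 3)))` under GCC/Clang) would let `-Wformat-security` catch the same pattern at other call sites. `yyerror` begins above this hunk, so the rest of its body was not reviewed.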