File v4l2loopback-explicit-format-CVE-2022-2652.patch of Package v4l2loopback

Backported. Only one chunk exists in v4l2loopback-0.12.5.

From e4cd225557486c420f6a34411f98c575effd43dd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?IOhannes=20m=20zm=C3=B6lnig?= <zmoelnig@iem.at>
Date: Wed, 3 Aug 2022 15:09:17 +0200
Subject: [PATCH] add explicit format specifier to printf() invocations

CWE-134
---
 v4l2loopback.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

Index: v4l2loopback-0.12.5/v4l2loopback.c
===================================================================
--- v4l2loopback-0.12.5.orig/v4l2loopback.c
+++ v4l2loopback-0.12.5/v4l2loopback.c
@@ -655,7 +655,7 @@ static inline void unset_flags(struct v4
 static void vidioc_fill_name(char *buf, int len, int nr)
 {
 	if (card_label[nr] != NULL) {
-		snprintf(buf, len, card_label[nr]);
+		snprintf(buf, len, "%s", card_label[nr]);
 	} else {
 		snprintf(buf, len, "Dummy video device (0x%04X)", nr);
 	}

Places

File v4l2loopback-explicit-format-CVE-2022-2652.patch of Package v4l2loopback

Places