summaryrefslogtreecommitdiffstats
path: root/graphics/xli/patch-af
blob: 7e4565ee9b7d46d887f53295fdad13160e1783a7 (plain) 
$NetBSD: patch-af,v 1.1 2005/10/30 17:58:58 salo Exp $

Security fix for CVE-2005-3178, from Debian.

--- zoom.c.orig	2005-02-28 01:42:39.000000000 +0100
+++ zoom.c	2005-10-30 18:50:04.000000000 +0100
@@ -52,28 +52,29 @@
     if (verbose)
       printf("  Zooming image Y axis by %d%%...", yzoom);
     if (changetitle)
-      sprintf(buf, "%s (Y zoom %d%%)", oimage->title, yzoom);
+      snprintf(buf, BUFSIZ, "%s (Y zoom %d%%)", oimage->title, yzoom);
   }
   else if (!yzoom) {
     if (verbose)
       printf("  Zooming image X axis by %d%%...", xzoom);
     if (changetitle)
-      sprintf(buf, "%s (X zoom %d%%)", oimage->title, xzoom);
+      snprintf(buf, BUFSIZ, "%s (X zoom %d%%)", oimage->title, xzoom);
   }
   else if (xzoom == yzoom) {
     if (verbose)
       printf("  Zooming image by %d%%...", xzoom);
     if (changetitle)
-      sprintf(buf, "%s (%d%% zoom)", oimage->title, xzoom);
+      snprintf(buf, BUFSIZ, "%s (%d%% zoom)", oimage->title, xzoom);
   }
   else {
     if (verbose)
       printf("  Zooming image X axis by %d%% and Y axis by %d%%...",
 	     xzoom, yzoom);
     if (changetitle)
-      sprintf(buf, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
+      snprintf(buf, BUFSIZ, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
 	    xzoom, yzoom);
   }
+  buf[BUFSIZ-1] = '\0';
   if (!changetitle)
     strcpy(buf,oimage->title);
generated by cgit v1.2.3 (git 2.32.0) at 2024-04-30 18:16:05 +0200