Bugzilla – Attachment 10341 Details for
Bug 33756
VUL-0: CVE-2003-0289: security issues in cdrecord
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
IDP Log In
|
Forgot Password
[patch]
Would have sworn I'd added it. Sorry.
cdrtools-1.11-fmtbug.patch (text/plain), 1.08 KB, created by
Olaf Kirch
on 2002-09-03 18:32:39 UTC
(
hide
)
Description:
Would have sworn I'd added it. Sorry.
Filename:
MIME Type:
Creator:
Olaf Kirch
Created:
2002-09-03 18:32:39 UTC
Size:
1.08 KB
patch
obsolete
> > This patch fixes several format string bugs in cdrecord. > >--- cdrtools-1.11/librscg/scsi-remote.c.fmtbug Mon May 20 15:38:24 2002 >+++ cdrtools-1.11/librscg/scsi-remote.c Mon Sep 2 15:25:26 2002 >@@ -260,7 +260,7 @@ > /* > * Save non user@host:device > */ >- js_snprintf(devname, sizeof(devname), device); >+ js_snprintf(devname, sizeof(devname), "%s", device); > > if ((p = strchr(devname, ':')) != NULL) > *p++ = '\0'; >--- cdrtools-1.11/libscg/scsiopen.c.fmtbug Sun Mar 18 14:54:18 2001 >+++ cdrtools-1.11/libscg/scsiopen.c Mon Sep 2 15:27:50 2002 >@@ -239,7 +239,7 @@ > } > if (scg__open(scgp, devname) <= 0) { > if (errs && scgp->errstr) >- js_snprintf(errs, slen, scgp->errstr); >+ js_snprintf(errs, slen, "%s", scgp->errstr); > scg_sfree(scgp); > return ((SCSI *)0); > } >--- cdrtools-1.11/libscg/scsitransp.c.fmtbug Sat May 4 20:42:58 2002 >+++ cdrtools-1.11/libscg/scsitransp.c Mon Sep 2 15:29:13 2002 >@@ -1053,7 +1053,7 @@ > register char *p = buf; > register int amt; > >- amt = js_snprintf(p, maxcnt, s); >+ amt = js_snprintf(p, maxcnt, "%s", s); > if (amt < 0) > return (amt); > p += amt;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=10341">View the attachment on a separate page</a>.</b>
Actions:
View
|
Diff
Attachments on
bug 33756
: 10341