diff options
Diffstat (limited to 'net-analyzer/mtr/files/mtr-0.95-fortify-source-3.patch')
-rw-r--r-- | net-analyzer/mtr/files/mtr-0.95-fortify-source-3.patch | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/net-analyzer/mtr/files/mtr-0.95-fortify-source-3.patch b/net-analyzer/mtr/files/mtr-0.95-fortify-source-3.patch new file mode 100644 index 000000000000..0c3d593915e4 --- /dev/null +++ b/net-analyzer/mtr/files/mtr-0.95-fortify-source-3.patch @@ -0,0 +1,34 @@ +https://bugs.gentoo.org/911389 +https://github.com/traviscross/mtr/pull/468 +https://github.com/traviscross/mtr/commit/a1548b40c0dcf6dd44c5e6906f829e249428436b + +From 5908af4c19188cb17b62f23368b6ef462831a0cb Mon Sep 17 00:00:00 2001 +From: Marcus Meissner <meissner@suse.de> +Date: Tue, 11 Apr 2023 16:05:36 +0200 +Subject: [PATCH] fixed the sizes passed into snprintf + +--- a/ui/report.c ++++ b/ui/report.c +@@ -140,7 +140,7 @@ void report_close( + continue; + + snprintf(fmt, sizeof(fmt), "%%%ds", data_fields[j].length); +- snprintf(buf + len, sizeof(buf), fmt, data_fields[j].title); ++ snprintf(buf + len, sizeof(buf) - len, fmt, data_fields[j].title); + len += data_fields[j].length; + } + printf("%s\n", buf); +@@ -172,10 +172,10 @@ void report_close( + + /* 1000.0 is a temporary hack for stats usec to ms, impacted net_loss. */ + if (strchr(data_fields[j].format, 'f')) { +- snprintf(buf + len, sizeof(buf), data_fields[j].format, ++ snprintf(buf + len, sizeof(buf) - len, data_fields[j].format, + data_fields[j].net_xxx(at) / 1000.0); + } else { +- snprintf(buf + len, sizeof(buf), data_fields[j].format, ++ snprintf(buf + len, sizeof(buf) - len, data_fields[j].format, + data_fields[j].net_xxx(at)); + } + len += data_fields[j].length; + |