fonts/fontforge stack buffer overflow

To: adam%NetBSD.org@localhost
Subject: fonts/fontforge stack buffer overflow
From: Nicolas Thauvin <nico%orgrim.net@localhost>
Date: Sun, 10 Oct 2010 01:09:11 +0200

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

While building print/lilypond, I have run in the stack buffer overflow
issue found upstream:
http://sourceforge.net/mailarchive/forum.php?thread_name=4C5D676B.3000509%40limes.com.pl&forum_name=fontforge-devel

Adding the given patch to my localpatches solved to problem.


- --- fontforge/svg.c.orig      Thu Jul  8 21:17:10 2010
+++ fontforge/svg.c     Thu Jul  8 21:49:46 2010
@@ -150,7 +150,7 @@ return( defwid );
 static int svg_pathdump(FILE *file, SplineSet *spl, int lineout,
        int forceclosed, int do_clips) {
     BasePoint last;
- -    char buffer[60];
+    char buffer[85];
     int closed=false;
     Spline *sp, *first;
     /* as I see it there is nothing to be gained by optimizing out the */


Regards,
Nicolas
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (NetBSD)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkyw9hcACgkQ3ylMjdXeRSBlBQCffd8UY1hUq54PqUkwVIKaTtgQ
njYAoKEPkXtU2n/6W01oMK+vh+SXypmz
=S5Dw
-----END PGP SIGNATURE-----

Follow-Ups:
- Re: fonts/fontforge stack buffer overflow
  - From: Thomas Klausner

Prev by Date: Re: Bulk builds
Next by Date: lang/ocaml 3.12.0 build issue
Previous by Thread: [editors/vim-share] Upgrade patch
Next by Thread: Re: fonts/fontforge stack buffer overflow
Indexes:

Home | Main Index | Thread Index | Old Index