From 15326114dcb0f634dc710d89a5cbba424d1ac894 Mon Sep 17 00:00:00 2001
From: Joseph Koshy <jkoshy@FreeBSD.org>
Date: Fri, 21 Oct 2005 08:15:53 +0000
Subject: Fix a few potential buffer overflows in this port.

Security:	CAN-2005-3178 (for xloadimage)
Prodded by:	naddy
---
 graphics/xli/files/patch-zoom.c | 33 +++++++++++++++++++++++++++++++++
 1 file changed, 33 insertions(+)
 create mode 100644 graphics/xli/files/patch-zoom.c

(limited to 'graphics/xli/files/patch-zoom.c')

diff --git a/graphics/xli/files/patch-zoom.c b/graphics/xli/files/patch-zoom.c
new file mode 100644
index 000000000000..2543667a897f
--- /dev/null
+++ b/graphics/xli/files/patch-zoom.c
@@ -0,0 +1,33 @@
+--- zoom.c.orig	Thu Oct 13 04:42:36 2005
++++ zoom.c	Thu Oct 13 04:43:47 2005
+@@ -52,26 +52,26 @@
+     if (verbose)
+       printf("  Zooming image Y axis by %d%%...", yzoom);
+     if (changetitle)
+-      sprintf(buf, "%s (Y zoom %d%%)", oimage->title, yzoom);
++      snprintf(buf, sizeof(buf), "%s (Y zoom %d%%)", oimage->title, yzoom);
+   }
+   else if (!yzoom) {
+     if (verbose)
+       printf("  Zooming image X axis by %d%%...", xzoom);
+     if (changetitle)
+-      sprintf(buf, "%s (X zoom %d%%)", oimage->title, xzoom);
++      snprintf(buf, sizeof(buf), "%s (X zoom %d%%)", oimage->title, xzoom);
+   }
+   else if (xzoom == yzoom) {
+     if (verbose)
+       printf("  Zooming image by %d%%...", xzoom);
+     if (changetitle)
+-      sprintf(buf, "%s (%d%% zoom)", oimage->title, xzoom);
++      snprintf(buf, sizeof(buf), "%s (%d%% zoom)", oimage->title, xzoom);
+   }
+   else {
+     if (verbose)
+       printf("  Zooming image X axis by %d%% and Y axis by %d%%...",
+ 	     xzoom, yzoom);
+     if (changetitle)
+-      sprintf(buf, "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
++      snprintf(buf, sizeof(buf), "%s (X zoom %d%% Y zoom %d%%)", oimage->title,
+ 	    xzoom, yzoom);
+   }
+   if (!changetitle)
-- 
cgit v1.2.3