rpms/htmldoc/F-10 htmldoc-1.8.27-fortify-fail.patch, NONE, 1.1 htmldoc-1.8.27-scanf-overflows.patch, NONE, 1.1 htmldoc.spec, 1.10, 1.11
Adam Goode
agoode at fedoraproject.org
Fri Aug 14 04:50:51 UTC 2009
Author: agoode
Update of /cvs/extras/rpms/htmldoc/F-10
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21582
Modified Files:
htmldoc.spec
Added Files:
htmldoc-1.8.27-fortify-fail.patch
htmldoc-1.8.27-scanf-overflows.patch
Log Message:
* Thu Aug 13 2009 Adam Goode <adam at spicenitz.org> - 1.8.27-8
- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520)
- Fix scanf overflows (#512513)
htmldoc-1.8.27-fortify-fail.patch:
ps-pdf.cxx | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- NEW FILE htmldoc-1.8.27-fortify-fail.patch ---
diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:32:21.846860508 -0400
+++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx 2009-08-13 19:40:29.185857503 -0400
@@ -8619,7 +8619,7 @@
return (NULL);
}
// Safe because buffer is allocated...
- strcpy((char *)r->data.text.buffer, (char *)data);
+ memcpy((char *)r->data.text.buffer, (char *)data, strlen((char *)data));
get_color(_htmlTextColor, r->data.text.rgb);
break;
case RENDER_IMAGE :
@@ -8640,7 +8640,7 @@
return (NULL);
}
// Safe because buffer is allocated...
- strcpy((char *)r->data.link, (char *)data);
+ memcpy((char *)r->data.link, (char *)data, strlen((char *)data));
break;
}
htmldoc-1.8.27-scanf-overflows.patch:
htmllib.cxx | 2 +-
htmllib.cxx.orig |only
ps-pdf.cxx | 2 +-
ps-pdf.cxx.orig |only
util.cxx | 2 +-
5 files changed, 3 insertions(+), 3 deletions(-)
--- NEW FILE htmldoc-1.8.27-scanf-overflows.patch ---
diff -ur htmldoc-1.8.27~/htmldoc/htmllib.cxx htmldoc-1.8.27/htmldoc/htmllib.cxx
--- htmldoc-1.8.27~/htmldoc/htmllib.cxx 2009-08-13 19:25:30.066734472 -0400
+++ htmldoc-1.8.27/htmldoc/htmllib.cxx 2009-08-13 19:25:38.997733603 -0400
@@ -2154,7 +2154,7 @@
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%f%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Only in htmldoc-1.8.27/htmldoc: htmllib.cxx.orig
diff -ur htmldoc-1.8.27~/htmldoc/ps-pdf.cxx htmldoc-1.8.27/htmldoc/ps-pdf.cxx
--- htmldoc-1.8.27~/htmldoc/ps-pdf.cxx 2009-08-13 19:25:30.076736152 -0400
+++ htmldoc-1.8.27/htmldoc/ps-pdf.cxx 2009-08-13 19:25:39.010735889 -0400
@@ -12515,7 +12515,7 @@
* assigned charset...
*/
- if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%s", &width, glyph) != 2)
+ if (sscanf(line, "%*s%*s%*s%*s%d%*s%*s%63s", &width, glyph) != 2)
continue;
for (ch = 0; ch < 256; ch ++)
Only in htmldoc-1.8.27/htmldoc: ps-pdf.cxx.orig
diff -ur htmldoc-1.8.27~/htmldoc/util.cxx htmldoc-1.8.27/htmldoc/util.cxx
--- htmldoc-1.8.27~/htmldoc/util.cxx 2005-04-24 15:20:32.000000000 -0400
+++ htmldoc-1.8.27/htmldoc/util.cxx 2009-08-13 19:25:39.014737749 -0400
@@ -484,7 +484,7 @@
PageWidth = 595;
PageLength = 792;
}
- else if (sscanf(size, "%fx%f%s", &width, &length, units) >= 2)
+ else if (sscanf(size, "%fx%f%254s", &width, &length, units) >= 2)
{
/*
* Custom size...
Index: htmldoc.spec
===================================================================
RCS file: /cvs/extras/rpms/htmldoc/F-10/htmldoc.spec,v
retrieving revision 1.10
retrieving revision 1.11
diff -u -p -r1.10 -r1.11
--- htmldoc.spec 30 Aug 2008 17:18:55 -0000 1.10
+++ htmldoc.spec 14 Aug 2009 04:50:51 -0000 1.11
@@ -1,7 +1,7 @@
Name: htmldoc
Version: 1.8.27
-Release: 7%{?dist}
-Summary: Convert HTML source files into HTML, PostScript, or PDF
+Release: 8%{?dist}
+Summary: Converter from HTML into indexed HTML, PostScript, or PDF
Group: Applications/Publishing
@@ -13,6 +13,8 @@ BuildRoot: %{_tmppath}/%{name}-%{version
Source: http://ftp.easysw.com/pub/%{name}/%{version}/%{name}-%{version}-source.tar.bz2
Patch0: htmldoc-1.8.27-desktop-icon.patch
+Patch3: htmldoc-1.8.27-scanf-overflows.patch
+Patch4: htmldoc-1.8.27-fortify-fail.patch
BuildRequires: openssl-devel libjpeg-devel libpng-devel zlib-devel
BuildRequires: fltk-devel libXpm-devel desktop-file-utils
@@ -37,9 +39,15 @@ you to change options and generate docum
# fix up hardcoded documentation path
sed -i 's/\(\$prefix\/share\/doc\/htmldoc\)/\1-%{version}/g' configure
-# fix desktop icon (upstream bug STR #169)
+# fix desktop icon (http://www.htmldoc.org/str.php?L169)
%patch0 -p1 -b .desktop-icon
+# fix some scanf overflows (http://www.htmldoc.org/str.php?L214)
+%patch3 -p1 -b .scanf-overflows
+
+# fix limitation of -D_FORTIFY_SOURCE=2
+%patch4 -p1 -b .fortify-fail
+
%build
%configure
@@ -65,8 +73,8 @@ install -d ${RPM_BUILD_ROOT}%{_datadir}/
cp -a desktop/htmldoc.xml ${RPM_BUILD_ROOT}%{_datadir}/mime/packages
# desktop file
-desktop-file-install --vendor fedora \
- --dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
+desktop-file-install --vendor fedora \
+ --dir ${RPM_BUILD_ROOT}%{_datadir}/applications \
--remove-category=X-Red-Hat-Base \
--add-mime-type=application/vnd.htmldoc-book \
desktop/htmldoc.desktop
@@ -76,7 +84,7 @@ desktop-file-install --vendor fedora
# scriptlet for icons
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
- %{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
+ %{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
# scriptlet for MIME
@@ -90,7 +98,7 @@ update-desktop-database &> /dev/null ||
# scriptlet for icons
touch --no-create %{_datadir}/icons/hicolor || :
if [ -x %{_bindir}/gtk-update-icon-cache ]; then
- %{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
+ %{_bindir}/gtk-update-icon-cache --quiet %{_datadir}/icons/hicolor || :
fi
# scriptlet for MIME
@@ -117,6 +125,10 @@ rm -rf $RPM_BUILD_ROOT
%changelog
+* Thu Aug 13 2009 Adam Goode <adam at spicenitz.org> - 1.8.27-8
+- Fix limitation of -D_FORTIFY_SOURCE=2 (#511520)
+- Fix scanf overflows (#512513)
+
* Sat Aug 30 2008 Adam Goode <adam at spicenitz.org> - 1.8.27-7
- RPM 4.6 fix for patch tag
More information about the fedora-extras-commits
mailing list