ALT Linux repositórios
| S: | 2.4.7-alt1 |
| 5.0: | 1.3.10-alt1 |
| 4.1: | 1.3.10-alt0.M41.4 |
| +updates: | 1.3.9-alt1.M41.1 |
| 4.0: | 1.2.12-alt6.M40.9 |
| +updates: | 1.2.12-alt6.M40.8 |
| 3.0: | 1.1.20-alt14.1 |
Group :: Sistema/Servidores
RPM: cups
Navegação
Main Changelog Spec Patches Sources Download Gear Bugs e FR Repocop
Patch: cups-1.2.12-CVE-2008-0053.patch
Download
Download
diff -up cups-1.2.4/filter/hpgl-input.c.CVE-2008-0053 cups-1.2.4/filter/hpgl-input.c
--- cups-1.2.4/filter/hpgl-input.c.CVE-2008-0053 2006-02-22 19:21:50.000000000 +0000
+++ cups-1.2.4/filter/hpgl-input.c 2008-03-20 15:29:57.000000000 +0000
@@ -3,6 +3,7 @@
*
* HP-GL/2 input processing for the Common UNIX Printing System (CUPS).
*
+ * Copyright 2007-2008 by Apple Inc.
* Copyright 1993-2006 by Easy Software Products.
*
* These coded instructions, statements, and computer programs are the
@@ -56,6 +57,7 @@ ParseCommand(FILE *fp, /* I - File to
i; /* Looping var */
char buf[262144], /* String buffer */
*bufptr; /* Pointer into buffer */
+ float temp; /* Temporary parameter value */
static param_t p[MAX_PARAMS]; /* Parameter buffer */
@@ -214,10 +216,10 @@ ParseCommand(FILE *fp, /* I - File to
case '-' :
case '+' :
ungetc(ch, fp);
- fscanf(fp, "%f", &(p[num_params].value.number));
- if (num_params < MAX_PARAMS)
+ if (fscanf(fp, "%f", &temp) == 1 && num_params < MAX_PARAMS)
{- p[num_params].type = PARAM_RELATIVE;
+ p[num_params].type = PARAM_RELATIVE;
+ p[num_params].value.number = temp;
num_params ++;
}
break;
@@ -233,10 +235,10 @@ ParseCommand(FILE *fp, /* I - File to
case '9' :
case '.' :
ungetc(ch, fp);
- fscanf(fp, "%f", &(p[num_params].value.number));
- if (num_params < MAX_PARAMS)
+ if (fscanf(fp, "%f", &temp) == 1 && num_params < MAX_PARAMS)
{- p[num_params].type = PARAM_ABSOLUTE;
+ p[num_params].type = PARAM_ABSOLUTE;
+ p[num_params].value.number = temp;
num_params ++;
}
break;