23 lines
825 B
Diff
23 lines
825 B
Diff
From d678ccd27b8a062e3bfd4c80d8ce2676a8166a27 Mon Sep 17 00:00:00 2001
|
|
From: Richard Hughes <richard@hughsie.com>
|
|
Date: Mon, 19 Sep 2016 10:03:36 +0100
|
|
Subject: [PATCH] CVE-2008-3522
|
|
|
|
---
|
|
converter/other/jpeg2000/libjasper/base/jas_stream.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/converter/other/jpeg2000/libjasper/base/jas_stream.c b/converter/other/jpeg2000/libjasper/base/jas_stream.c
|
|
index 9a885564..fa9cb302 100644
|
|
--- a/converter/other/jpeg2000/libjasper/base/jas_stream.c
|
|
+++ b/converter/other/jpeg2000/libjasper/base/jas_stream.c
|
|
@@ -553,7 +553,7 @@ int jas_stream_printf(jas_stream_t *stream, const char *fmt, ...)
|
|
int ret;
|
|
|
|
va_start(ap, fmt);
|
|
- ret = vsprintf(buf, fmt, ap);
|
|
+ ret = vsnprintf(buf, sizeof buf, fmt, ap);
|
|
jas_stream_puts(stream, buf);
|
|
va_end(ap);
|
|
return ret;
|