From 1798cd757234c546b4d4a797f7edeb5523638ea2 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Jan=20R=C4=99korajski?=
Date: Tue, 11 Jun 2013 13:47:25 +0200
Subject: [PATCH] - fix format string errors - rel 15

---
 dx.spec | 4 +-
 format-security.patch | 237 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 240 insertions(+), 1 deletion(-)
 create mode 100644 format-security.patch

diff --git a/dx.spec b/dx.spec
index 7fdd773..ed00fdd 100644
--- a/dx.spec
+++ b/dx.spec
@@ -2,7 +2,7 @@ Summary: Excellent tool for making visualization of data
 Summary(pl.UTF-8): Doskonałe narzędzie do wizualizacji danych
 Name: dx
 Version: 4.4.4
-Release: 14
+Release: 15
 License: IPL
 Group: Applications
 Source0: http://opendx.npaci.edu/source/%{name}-%{version}.tar.gz
@@ -19,6 +19,7 @@ Patch5: %{name}-ac.patch
 Patch6: %{name}-ImageMagic.patch
 Patch7: %{name}-open.patch
 Patch8: %{name}-gcc43.patch
+Patch9: format-security.patch
 URL: http://www.opendx.org/
 BuildRequires: ImageMagick-devel >= 1:6.2.4.0
 BuildRequires: OpenGL-devel
@@ -124,6 +125,7 @@ Przykłady dla OpenDX.
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
+%patch9 -p1
 %build
 %{__libtoolize}
diff --git a/format-security.patch b/format-security.patch
new file mode 100644
index 0000000..c578d7d
--- /dev/null
+++ b/format-security.patch
@@ -0,0 +1,237 @@
+--- dx-4.4.4/src/exec/dxmods/colormap.c~ 2002-03-21 18:09:58.000000000 +0100
++++ dx-4.4.4/src/exec/dxmods/colormap.c 2013-06-11 13:12:13.350684052 +0200
+@@ -1167,7 +1167,7 @@
+ if (!ei.msgbuf)
+ return ERROR;
+ ei.mp = ei.msgbuf;
+- sprintf(ei.mp,name); while(*ei.mp) ei.mp++;
++ sprintf(ei.mp,"%s",name); while(*ei.mp) ei.mp++;
+ sprintf(ei.mp, "NULL");
+ DXUIMessage(id,ei.msgbuf);
+ DXFree(ei.msgbuf);
+@@ -1186,7 +1186,7 @@
+ ei.mp = ei.msgbuf;
+ shape[0]=2;
+ strcpy(ei.mp,"");
+- sprintf(ei.mp,name); while(*ei.mp) ei.mp++;
++ sprintf(ei.mp,"%s",name); while(*ei.mp) ei.mp++;
+ if (num==1){
+ sprintf(ei.mp,"{"); ei.mp++;
+ }
+--- dx-4.4.4/src/exec/dxmods/exp_gai.c~ 2000-08-24 22:04:29.000000000 +0200
++++ dx-4.4.4/src/exec/dxmods/exp_gai.c 2013-06-11 13:18:31.964648585 +0200
+@@ -422,7 +422,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -439,7 +439,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -456,7 +456,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -473,7 +473,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -490,7 +490,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -507,7 +507,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -524,7 +524,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -541,7 +541,7 @@
+ if (first == ON)
+ first = OFF;
+ else
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else
+@@ -554,7 +554,7 @@
+ arinfo->last,scratch);
+ arinfo->last = (Pointer)nextstr;
+ if (first == OFF)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ if (blank == ON)
+ pblank(arinfo,h);
+ else {
+@@ -830,7 +830,7 @@
+ if (rank > 0) {
+ for (i=0; i 0)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ fprintf(h->dfp,"positions_cmp%d",i);
+ }
+ }
+@@ -845,13 +845,13 @@
+ !strcmp("positions",depon) && strcmp("invalid positions",name)
+ && strcmp("positions",name) ) {
+ if (first == OFF)
+- fprintf(h->dfp,del);
++ fprintf(h->dfp,"%s",del);
+ DXGetArrayInfo((Array)a,NULL,&type,NULL,&rank,shape);
+ /* dim = (rank < 1) ? 1 : shape[0]; */
+ if (type != TYPE_STRING && rank > 0 && shape[0] > 1) {
+ cmp = (char *)DXAllocate(strlen(name)+6);
+ for (j=0; j 0) fprintf(h->dfp, del);
++ if (j > 0) fprintf(h->dfp,"%s", del);
+ sprintf(cmp,"%s_cmp%d",name,j);
+ pstring(h->dfp,0,0,0,cmp);
+ }
+--- dx-4.4.4/src/exec/dpexec/dxmain.c~ 2006-05-08 18:20:03.000000000 +0200
++++ dx-4.4.4/src/exec/dpexec/dxmain.c 2013-06-11 13:23:52.217999584 +0200
+@@ -2129,7 +2129,7 @@
+ if ((SFILEisatty(yyin) || (_dxd_exRshInput && yyin == _dxd_exBaseFD)) &&
+ !prompted && _dxf_ExGQAllDone() && !SFILECharReady(yyin)) {
+ prompt = _dxf_ExPromptGet(PROMPT_ID_PROMPT);
+- printf (prompt? prompt: EX_PROMPT);
++ printf ("%s",prompt? prompt: EX_PROMPT);
+ fflush (stdout);
+ prompted = TRUE;
+ }
+@@ -2305,7 +2305,7 @@
+ _dxf_ExGQAllDone ())\
+ {\
+ prompt = _dxf_ExPromptGet (PROMPT_ID_PROMPT);\
+- printf (prompt ? prompt : EX_PROMPT);\
++ printf ("%s",prompt ? prompt : EX_PROMPT);\
+ fflush (stdout);\
+ prompted = TRUE;\
+ }\
+--- dx-4.4.4/src/exec/dpexec/lex.c~ 2006-01-09 23:57:34.000000000 +0100
++++ dx-4.4.4/src/exec/dpexec/lex.c 2013-06-11 13:24:53.625308550 +0200
+@@ -648,7 +648,7 @@
+ if ((_dxd_exIsatty || _dxd_exRshInput) && !SFILECharReady(yyin))
+ {
+ prompt = _dxf_ExPromptGet(PROMPT_ID_CPROMPT);
+- printf (prompt? prompt: EX_CPROMPT);
++ printf ("%s",prompt? prompt: EX_CPROMPT);
+ fflush (stdout);
+ }
+ break;
+--- dx-4.4.4/src/uipp/dxuilib/DXApplication.C~ 2013-06-11 13:08:39.031771731 +0200
++++ dx-4.4.4/src/uipp/dxuilib/DXApplication.C 2013-06-11 13:27:50.373831329 +0200
+@@ -2553,7 +2553,7 @@
+ const char* errmsg =
+ GraphLayout::SetHeightPerLevel (DXApplication::resource.autoLayoutHeight);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -2561,7 +2561,7 @@
+ const char* errmsg =
+ GraphLayout::SetGroupSpacing (DXApplication::resource.autoLayoutGroupSpacing);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -2569,7 +2569,7 @@
+ const char* errmsg =
+ GraphLayout::SetNodeSpacing (DXApplication::resource.autoLayoutNodeSpacing);
+ if (errmsg) {
+- fprintf (stderr, errmsg);
++ fprintf (stderr, "%s", errmsg);
+ return FALSE;
+ }
+ }
+@@ -3787,7 +3787,7 @@
+ if (this->anchor)
+ InfoMessage(msg);
+ else
+- fprintf(stderr,msg);
++ fprintf(stderr,"%s",msg);
+ 
+ return NULL;
+ }
+@@ -5019,7 +5019,7 @@
+ fprintf (stderr, "Attempting to save any modified files.\n"
+ "Please check saved files for integrity by reloading them.\n");
+ theDXApplication->emergencySave (msg);
+- fprintf (stderr, msg);
++ fprintf (stderr, "%s", msg);
+ }
+ 
+ fprintf(stderr,"The application will now abort.\n");
+@@ -5035,7 +5035,7 @@
+ if (theDXApplication) {
+ char msg[4096];
+ this->emergencySave(msg);
+- fprintf(stderr, msg);
++ fprintf(stderr, "%s", msg);
+ }
+ 
+ this->IBMApplication::abortApplication();
+--- dx-4.4.4/src/uipp/dxl/conn.c~ 2006-05-08 18:20:08.000000000 +0200
++++ dx-4.4.4/src/uipp/dxl/conn.c 2013-06-11 13:30:02.578553195 +0200
+@@ -389,7 +389,7 @@
+ char buf[2048];
+ int n = read(err,buf,2048);
+ buf[n] = '\0';
+- fprintf(stderr,buf);
++ fprintf(stderr,"%s",buf);
+ }
+ #if defined(intelnt) || defined(WIN32)
+ TerminateProcess(child, -1);
+--- dx-4.4.4/src/uipp/dxui/SelectionNode.C~ 2002-03-25 17:42:08.000000000 +0100
++++ dx-4.4.4/src/uipp/dxui/SelectionNode.C 2013-06-11 13:31:19.139357071 +0200
+@@ -960,7 +960,7 @@
+ ListIterator it(selection_stmts);
+ char* cp;
+ while ( (cp = (char*)it.getNext()) ) {
+- fprintf (jf, cp);
++ fprintf (jf, "%s", cp);
+ delete cp;
+ }
+ }
-- 
2.44.0
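Review bot: In the conn.c part of format-security.patch the new `fprintf(stderr,"%s",buf)` is preceded by `int n = read(err,buf,2048); buf[n] = '\0';`, which still writes one byte past the 2048-byte buffer when read() fills it completely and writes to `buf[-1]` when read() fails with -1, so the format-string fix leaves an out-of-bounds write on the same lines. I would change those two lines to `int n = read(err, buf, sizeof buf - 1); if (n > 0) { buf[n] = '\0'; fprintf(stderr, "%s", buf); }`. The enclosing function in conn.c begins and ends outside the context the patch shows, so whether a caller already bounds n cannot be confirmed here. As a point of style, the eleven `fprintf(h->dfp,"%s",del)` sites in exp_gai.c and the stderr and prompt sites in the other files print a plain string, so `fputs(del, h->dfp)` would express that without a format pass, though the `"%s"` form is correct as written.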