Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:Alexander_Naumov:SLE-12:Update
rrdtool.3834
rrdtool-1.4.7-CVE-2013-2131-imginfo_format_chec...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File rrdtool-1.4.7-CVE-2013-2131-imginfo_format_check.patch of Package rrdtool.3834
Index: rrdtool-1.4.7/src/rrd_graph.c =================================================================== --- rrdtool-1.4.7.orig/src/rrd_graph.c +++ rrdtool-1.4.7/src/rrd_graph.c @@ -4016,6 +4016,12 @@ rrd_info_t *rrd_graph_v( char *path; char *filename; + if (bad_format_imginfo(im.imginfo)) { + rrd_info_free(im.grinfo); + im_free(&im); + rrd_set_error("bad format for imginfo"); + return NULL; + } path = strdup(im.graphfile); filename = basename(path); info.u_str = @@ -4820,6 +4826,51 @@ int bad_format( } +int bad_format_imginfo( + char *fmt) +{ + char *ptr; + int n = 0; + + ptr = fmt; + while (*ptr != '\0') + if (*ptr++ == '%') { + + /* line cannot end with percent char */ + if (*ptr == '\0') + return 1; + /* '%%' is allowed */ + if (*ptr == '%') + ptr++; + /* '%s', '%S' are allowed */ + else if (*ptr == 's' || *ptr == 'S') { + n = 1; + ptr++; + } + + /* or else '% 4lu' and such are allowed */ + else { + /* optional padding character */ + if (*ptr == ' ') + ptr++; + /* This should take care of 'm' */ + while (*ptr >= '0' && *ptr <= '9') + ptr++; + /* 'lu' must follow here */ + if (*ptr++ != 'l') + return 1; + if (*ptr == 'u') + ptr++; + else + return 1; + n++; + } + } + + return (n != 3); +} + + int vdef_parse( struct graph_desc_t *gdes,
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
