CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters()…

CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters() from xorg/lib/libXfont http://lists.x.org/archives/xorg-announce/2014-January/002389.html Fixes cppcheck warning: [lib/libXfont/src/bitmap/bdfread.c:341]: (warning) scanf without field width limits can crash with huge input data.

CVE-2013-6462: unlimited sscanf overflows stack buffer in bdfReadCharacters()…
ac669437 · Mike DePaulo · Mike Gabriel · 72790a55 · ac669437
Commit ac669437 authored Feb 08, 2015 by Mike DePaulo Committed by Mike Gabriel Feb 14, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

bdfread.c nx-X11/lib/font/bitmap/bdfread.c +1 -1

No files found.
--- a/nx-X11/lib/font/bitmap/bdfread.c
+++ b/nx-X11/lib/font/bitmap/bdfread.c
@@ -344,7 +344,7 @@ bdfReadCharacters(FontFilePtr file, FontPtr pFont, bdfFileState *pState,
 	char        charName[100];
 	int         ignore;

-	if (sscanf((char *) line, "STARTCHAR %s", charName) != 1) {
+	if (sscanf((char *) line, "STARTCHAR %99s", charName) != 1) {
 	    bdfError("bad character name in BDF file\n");
 	    goto BAILOUT;	/* bottom of function, free and return error */
 	}