From 8376ef56580626e9c0f796d5b85b53a0a1c7d5f5 Mon Sep 17 00:00:00 2001 From: V3n3RiX Date: Sat, 14 Jul 2018 21:03:06 +0100 Subject: gentoo resync : 14.07.2018 --- .../files/foremost-1.5.7-format-security.patch | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) create mode 100644 app-forensics/foremost/files/foremost-1.5.7-format-security.patch (limited to 'app-forensics/foremost/files/foremost-1.5.7-format-security.patch') diff --git a/app-forensics/foremost/files/foremost-1.5.7-format-security.patch b/app-forensics/foremost/files/foremost-1.5.7-format-security.patch new file mode 100644 index 000000000000..32d1a4d3c7f6 --- /dev/null +++ b/app-forensics/foremost/files/foremost-1.5.7-format-security.patch @@ -0,0 +1,22 @@ +diff --git a/extract.c b/extract.c +index 30bdf54..9639117 100755 +--- a/extract.c ++++ b/extract.c +@@ -2110,7 +2110,6 @@ unsigned char *extract_exe(f_state *s, u_int64_t c_offset, unsigned char *founda + int i = 0; + time_t compile_time = 0; + struct tm *ret_time; +- char comment[32]; + char ascii_time[32]; + + if (buflen < 100) +@@ -2145,8 +2144,7 @@ unsigned char *extract_exe(f_state *s, u_int64_t c_offset, unsigned char *founda + ret_time->tm_sec); + chop(ascii_time); + +- sprintf(comment, ascii_time); +- strcat(needle->comment, comment); ++ strcat(needle->comment, ascii_time); + exe_char = htos(&foundat[22], FOREMOST_LITTLE_ENDIAN); + if (exe_char & 0x2000) + { -- cgit v1.2.3