void-packages/srcpkgs/pev/patches/0005-Fix-misuse-of-sprintf-in-imphash.patch
Đoàn Trần Công Danh c289bc2767 pev: fix crash with -D_FORTIFY_SOURCE=2
While we're at it, correct plugins dir, license, and fix musl build.

Fix: #22604
2020-06-08 07:42:37 +02:00

27 lines
887 B
Diff

From f3f66090a0a8bdcdb98984322169c73be89892b6 Mon Sep 17 00:00:00 2001
From: Jakub Wilk <jwilk@jwilk.net>
Date: Mon, 17 Jul 2017 11:58:29 +0200
Subject: [PATCH 05/12] Fix misuse of sprintf() in imphash()
The results are undefined if source and destination buffers overlap when
calling sprintf().
---
src/pehash.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/pehash.c src/pehash.c
index db1735a..e49f0c1 100644
--- src/pehash.c
+++ src/pehash.c
@@ -477,7 +477,7 @@ static void imphash(pe_ctx_t *ctx, int flavor)
memset(imphash_string, 0, imphash_string_size);
LL_FOREACH_SAFE(head, elt, tmp) \
- sprintf(imphash_string, "%s%s.%s,", imphash_string, elt->dll_name, elt->function_name); \
+ sprintf(imphash_string + strlen(imphash_string), "%s.%s,", elt->dll_name, elt->function_name); \
LL_DELETE(head, elt);
free(elt);
--
2.26.2.672.g232c24e857