wordnet-3.0-CVE-2008-2149.patch


1
2
3
4
5
6
7
8
9
10
11
12

--- wordnet-3.0.orig/src/wn.c
+++ wordnet-3.0/src/wn.c
@@ -206,7 +206,8 @@
 		    outsenses += do_search(av[1], optptr->pos, optptr->search,
 					    whichsense, optptr->label);
 	    } else {
-		sprintf(tmpbuf, "wn: invalid search option: %s\n", av[j]);
+		/* Fix CVE-2008-2149: buffer overflows Andreas Tille <tille@debian.org> */
+		sprintf(tmpbuf, "wn: invalid search option: %.200s\n", av[j]);
 		display_message(tmpbuf);
 		errcount++;
 	    }