From cc847bd3b5d21d10a63988be57476459efda578e Mon Sep 17 00:00:00 2001 From: CoprDistGit Date: Mon, 5 Aug 2024 01:53:11 +0000 Subject: automatic import of enscript --- enscript-CVE-vasnprintf.patch | 15 +++++++++++++++ 1 file changed, 15 insertions(+) create mode 100644 enscript-CVE-vasnprintf.patch (limited to 'enscript-CVE-vasnprintf.patch') diff --git a/enscript-CVE-vasnprintf.patch b/enscript-CVE-vasnprintf.patch new file mode 100644 index 0000000..623f2ab --- /dev/null +++ b/enscript-CVE-vasnprintf.patch @@ -0,0 +1,15 @@ +diff --git a/intl/vasnprintf.c b/intl/vasnprintf.c +index 4a8e7f0..65ade71 100644 +--- a/intl/vasnprintf.c ++++ b/intl/vasnprintf.c +@@ -758,7 +758,9 @@ convert_to_decimal (mpn_t a, size_t extra_zeroes) + size_t a_len = a.nlimbs; + /* 0.03345 is slightly larger than log(2)/(9*log(10)). */ + size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1); +- char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes)); ++ /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the ++ digits of a, followed by 1 byte for the terminating NUL. */ ++ char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1)); + if (c_ptr != NULL) + { + char *d_ptr = c_ptr; -- cgit v1.2.3