summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTupone Alfredo <tupone@gentoo.org>2015-12-15 21:46:09 +0100
committerTupone Alfredo <tupone@gentoo.org>2015-12-15 21:46:43 +0100
commit0ef2a66801ebe2b01265d26c5d9d497bf6277dd5 (patch)
tree3b446511735cc8cd22900f32aa81e7796fa00465 /games-server
parentapp-accessibility/edbrowse: bump to EAPI=5 and add libressl support (diff)
downloadgentoo-0ef2a66801ebe2b01265d26c5d9d497bf6277dd5.tar.gz
gentoo-0ef2a66801ebe2b01265d26c5d9d497bf6277dd5.tar.bz2
gentoo-0ef2a66801ebe2b01265d26c5d9d497bf6277dd5.zip
games-server/crossfire-server: Fix format security. Bug #544352
Package-Manager: portage-2.2.24
Diffstat (limited to 'games-server')
-rw-r--r--games-server/crossfire-server/crossfire-server-1.71.0.ebuild1
-rw-r--r--games-server/crossfire-server/files/crossfire-server-1.71.0-format.patch20
2 files changed, 21 insertions, 0 deletions
diff --git a/games-server/crossfire-server/crossfire-server-1.71.0.ebuild b/games-server/crossfire-server/crossfire-server-1.71.0.ebuild
index e0c191859bf..06055ecb7ab 100644
--- a/games-server/crossfire-server/crossfire-server-1.71.0.ebuild
+++ b/games-server/crossfire-server/crossfire-server-1.71.0.ebuild
@@ -28,6 +28,7 @@ RDEPEND=${DEPEND}
src_prepare() {
rm -f "${WORKDIR}"/maps/Info/combine.pl # bug #236205
ln -s "${WORKDIR}/arch" "${S}/lib" || die
+ epatch "${FILESDIR}"/${P}-format.patch
}
src_configure() {
diff --git a/games-server/crossfire-server/files/crossfire-server-1.71.0-format.patch b/games-server/crossfire-server/files/crossfire-server-1.71.0-format.patch
new file mode 100644
index 00000000000..174b785a0b9
--- /dev/null
+++ b/games-server/crossfire-server/files/crossfire-server-1.71.0-format.patch
@@ -0,0 +1,20 @@
+--- server/c_chat.c.old 2015-12-15 21:35:30.024866220 +0100
++++ server/c_chat.c 2015-12-15 21:36:58.479266312 +0100
+@@ -483,7 +483,7 @@
+ { "You spit over your left shoulder.", "%s spits over his left shoulder." },
+ { "Strut your stuff.", "%s struts proudly." },
+ { NULL, NULL },
+- { "%s patiently twiddles his thumbs.", "You patiently twiddle your thumbs." },
++ { "You patiently twiddle your thumbs.", "%s patiently twiddles his thumbs." },
+ { "You wave.", "%s waves happily." },
+ { "You whistle appreciatively.", "%s whistles appreciatively." },
+ { "Have you got something in your eye?", "%s winks suggestively." },
+@@ -645,7 +645,7 @@
+
+ if (*params == '\0') {
+ if (emotion > EMOTE_FIRST && emotion < EMOTE_LAST && single_emotes[emotion - 1][0] != NULL) {
+- snprintf(buf, sizeof(buf), single_emotes[emotion - 1][0]);
++ snprintf(buf, sizeof(buf), "%s", single_emotes[emotion - 1][0]);
+ snprintf(buf2, sizeof(buf2), single_emotes[emotion - 1][1], op->name);
+ } else {
+ snprintf(buf, sizeof(buf), "You are a nut.");