-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Squeeze reached end of life. Package libc6 in wheezy is patched against the bug. Package libc6 in jessie is not vulnerable as it uses a newer libc6 release.
So I think we should close this bug and concentrate on updating our mesa code to the newest version instead of patching some old version.
Best regards
Heinrich
On 31.01.2015 16:04, Mike Gabriel wrote:
Hi Heinrich,
On Fr 30 Jan 2015 20:35:53 CET, Heinrich Schuchardt wrote:
package: nx-libs version: head
In different parts of the nx-libs library you can find usages of scanf like
/* check for MESA_GAMMA environment variable */ gamma = _mesa_getenv("MESA_GAMMA"); if (gamma) { v->RedGamma = v->GreenGamma = v->BlueGamma = 0.0; sscanf( gamma, "%f %f %f", &v->RedGamma, &v->GreenGamma, &v->BlueGamma );
According to cppcheck:
scanf without field width limits can crash with huge input data on libc versions older than 2.13-25. Add a field width specifier to fix this problem: %i => %3i
Any chance you could also provide a patch for this?
Mike
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJUz+CVAAoJEMSB27wsBRrE4mUP/j3JjSvGQ6chMdlCaQd94Ar6 LIBJvEeS9ZiR/rgFFaXdqUMzZVzYs2bm4Vvp0LlY9iUVFbhCgKQimRhLVq26A1iT 5EtJOFRu51Fzrd1y6Nk00PBKCqbsWSJwI81TUKnckjaCo3QyobWyMqqI75eXjMSf RSWIGWgtLznPMqvByoKEnndDQjrCBBeMPBF7sinBw5ZM994Ff9VobHv7vXUYwvrY mXlIgiuVf/6ztFTnwCsDD1hRreOk4BBTgp4tPsVqwB/06l8OvnaeBfD35BOSJ8Ns AKwbxeRSNFOS4UP01zAgAsTMblzabyKnzS57lGomYQp3RB8c3K9DyUnk6CVSlBlN AI7fjnaQEW9qL4d8UBRsQlZ7b9vryavNtUY7UyPtVMuXXA0WaewZIGUUpI5odtvd WAoe0DEY2i+dW3ByIuGC1mH7ujgSLZGuke1gGdODlaLiExDsmm5P6hmIv+xE9gNQ RBk5pYSx3H75Hckm2yTxhNx/9NcwJbjHa1pwa8Lz6r63/Ssa6TQhxuGsFH2l49iZ YYbLHEP1s0FKQWxtE1B3NOYLeOwiCP4l7+qJ/KUZnmGCep2L4xC88OP1WMPn4+t6 vfoGkAHr9x0Ii7eP7fFaBEpImlx6dWI9mtZcSRfKfq/OhjAQPMspv7rl149i+1Iu 8OfiW4rp02zs54r92ejJ =2gk9 -----END PGP SIGNATURE-----