Commit 2fdef4ba authored by Dirk Eddelbuettel's avatar Dirk Eddelbuettel

Import Debian changes 3.1.1-1+deb8u1

r-base (3.1.1-1+deb8u1) jessie-security; urgency=high

  * src/library/grDevices/src/devPS.c: Apply upstream commits r71664 and
    r71667 related to CVE-2016-8714 reported as TALOS-2016-0227
parent f2329ae0
r-base (3.1.1-1+deb8u1) jessie-security; urgency=high
* src/library/grDevices/src/devPS.c: Apply upstream commits r71664 and
r71667 related to CVE-2016-8714 reported as TALOS-2016-0227
-- Dirk Eddelbuettel <edd@debian.org> Tue, 14 Mar 2017 20:09:08 -0500
r-base (3.1.1-1) unstable; urgency=low
* New upstream version released this morning
......
Index: devPS.c
===================================================================
--- devPS.c (revision 71663)
+++ devPS.c (revision 71664)
@@ -513,13 +513,15 @@
if (!(fp = R_fopen(R_ExpandFileName(buf), "r"))) return 0;
}
if (GetNextItem(fp, buf, -1, &state)) return 0; /* encoding name */
- strcpy(encname, buf+1);
+ strncpy(encname, buf+1, 99);
+ encname[99] = '\0';
if (!isPDF) snprintf(enccode, 5000, "/%s [\n", encname);
else enccode[0] = '\0';
if (GetNextItem(fp, buf, 0, &state)) { fclose(fp); return 0;} /* [ */
for(i = 0; i < 256; i++) {
if (GetNextItem(fp, buf, i, &state)) { fclose(fp); return 0; }
- strcpy(encnames[i].cname, buf+1);
+ strncpy(encnames[i].cname, buf+1, 39);
+ encnames[i].cname[39] = '\0';
strcat(enccode, " /"); strcat(enccode, encnames[i].cname);
if(i%8 == 7) strcat(enccode, "\n");
}
Index: devPS.c
===================================================================
--- devPS.c (revision 71666)
+++ devPS.c (revision 71667)
@@ -521,7 +521,7 @@
for(i = 0; i < 256; i++) {
if (GetNextItem(fp, buf, i, &state)) { fclose(fp); return 0; }
strncpy(encnames[i].cname, buf+1, 39);
- encnames[i].cname[39] = '\0';
+ encnames[i].cname[39] = '\0';
strcat(enccode, " /"); strcat(enccode, encnames[i].cname);
if(i%8 == 7) strcat(enccode, "\n");
}
#
# ${R_HOME}/src/extra/tzone/Makefile
srcdir = .
top_srcdir = ../../..
top_builddir = ../../..
subdir = src/extra/tzone
include $(top_builddir)/Makeconf
SOURCES = localtime.c strftime.c
DEPENDS = $(SOURCES:.c=.d)
OBJECTS = $(SOURCES:.c=.o)
ALL_CFLAGS = $(R_XTRA_CFLAGS) $(CPICFLAGS) $(SHLIB_CFLAGS) $(CFLAGS) -fvisibility=hidden
ALL_CPPFLAGS=$(R_XTRA_CPPFLAGS) -I$(srcdir) -I$(top_srcdir)/src/main $(CPPFLAGS) $(DEFS)
R all: Makefile
@$(MAKE) Makedeps
@$(MAKE) libtz.a
libtz.a: $(OBJECTS)
@rm -f $@
$(AR) cr $@ $(OBJECTS)
@$(RANLIB) $@
Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status
@cd $(top_builddir) && $(SHELL) ./config.status $(subdir)/$@
Makedeps: Makefile $(DEPENDS)
@cat $(DEPENDS) >> Makefile
@touch $@
mostlyclean: clean
clean:
@-rm -f Makedeps *.d *.o *.lo *.a
distclean: clean
@-rm -f Makefile
maintainer-clean: distclean
install install-strip uninstall TAGS info dvi check:
## Automagically generated dependencies:
......@@ -513,13 +513,15 @@ LoadEncoding(const char *encpath, char *encname,
if (!(fp = R_fopen(R_ExpandFileName(buf), "r"))) return 0;
}
if (GetNextItem(fp, buf, -1, &state)) return 0; /* encoding name */
strcpy(encname, buf+1);
strncpy(encname, buf+1, 99);
encname[99] = '\0';
if (!isPDF) snprintf(enccode, 5000, "/%s [\n", encname);
else enccode[0] = '\0';
if (GetNextItem(fp, buf, 0, &state)) { fclose(fp); return 0;} /* [ */
for(i = 0; i < 256; i++) {
if (GetNextItem(fp, buf, i, &state)) { fclose(fp); return 0; }
strcpy(encnames[i].cname, buf+1);
strncpy(encnames[i].cname, buf+1, 39);
encnames[i].cname[39] = '\0';
strcat(enccode, " /"); strcat(enccode, encnames[i].cname);
if(i%8 == 7) strcat(enccode, "\n");
}
......
This diff is collapsed.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment