Package: libfile-mmagic-xs-perl

Package: libfile-mmagic-xs-perl / 0.09006-4

Metadata

Package	Version	Patches format
libfile-mmagic-xs-perl	0.09006-4	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
format_string_fix.diff \| (download)	src/perl-mmagic-xs.c \| 2 1 + 1 - 0 ! 1 file changed, 1 insertion(+), 1 deletion(-)	[patch] call croak() with a controlled format string Bug-Debian: http://bugs.debian.org/661539 Bug: https://rt.cpan.org/Public/Bug/Display.html?id=75568 This fixes builds with -Werror=format-security. The fatal error with an invalid offset contains a format string error that could be triggered with a crafted magic line. $ perl -MFile::MMagic::XS -e 'File::MMagic::XS->new->add_magic("%s%s%s%s")' Segmentation fault (core dumped)

Patch

File delta

Description

format_string_fix.diff | (download)

src/perl-mmagic-xs.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 [patch] call croak() with a controlled format string

Bug-Debian: http://bugs.debian.org/661539
Bug: https://rt.cpan.org/Public/Bug/Display.html?id=75568

This fixes builds with -Werror=format-security.

The fatal error with an invalid offset contains a format string error
that could be triggered with a crafted magic line.

$ perl -MFile::MMagic::XS -e 'File::MMagic::XS->new->add_magic("%s%s%s%s")'
Segmentation fault (core dumped)