sane-backends/CVE-2020-12863.patch

From db9480b09ea807e52029f2334769a55d4b95e45b Mon Sep 17 00:00:00 2001
From: Olaf Meeuwissen <paddy-hack@member.fsf.org>
Date: Mon, 27 Apr 2020 18:24:56 +0900
Subject: [PATCH] epsonds: Read only up to seven hexdigits to determine payload
 size

Addresses GHSL-2020-083, re #279.
---
 backend/epsonds-cmd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/backend/epsonds-cmd.c b/backend/epsonds-cmd.c
index 9a4db3080..23327bb18 100644
--- a/backend/epsonds-cmd.c
+++ b/backend/epsonds-cmd.c
@@ -117,7 +117,7 @@ esci2_check_header(const char *cmd, const char *buf, unsigned int *more)
 		return 0;
 	}
 
-	err = sscanf(&buf[5], "%x#", more);
+	err = sscanf(&buf[5], "%7x#", more);
 	if (err != 1) {
 		DBG(1, "cannot decode length from header\n");
 		return 0;
-- 
GitLab
Fix CVE-2020-12863 2021-09-30 09:53:46 +08:00			`From db9480b09ea807e52029f2334769a55d4b95e45b Mon Sep 17 00:00:00 2001`
			`From: Olaf Meeuwissen <paddy-hack@member.fsf.org>`
			`Date: Mon, 27 Apr 2020 18:24:56 +0900`
			`Subject: [PATCH] epsonds: Read only up to seven hexdigits to determine payload`
			`size`

			`Addresses GHSL-2020-083, re #279.`
			`---`
			`backend/epsonds-cmd.c \| 2 +-`
			`1 file changed, 1 insertion(+), 1 deletion(-)`

			`diff --git a/backend/epsonds-cmd.c b/backend/epsonds-cmd.c`
			`index 9a4db3080..23327bb18 100644`
			`--- a/backend/epsonds-cmd.c`
			`+++ b/backend/epsonds-cmd.c`
			`@@ -117,7 +117,7 @@ esci2_check_header(const char cmd, const char buf, unsigned int *more)`
			`return 0;`
			`}`

			`- err = sscanf(&buf[5], "%x#", more);`
			`+ err = sscanf(&buf[5], "%7x#", more);`
			`if (err != 1) {`
			`DBG(1, "cannot decode length from header\n");`
			`return 0;`
			`--`
			`GitLab`