From: Gert Wollny <gewo@debian.org>
Date: Wed, 6 Sep 2017 08:20:44 +0000 (+0000)
Subject: d/p/10:Add fix for possible string overflow
X-Git-Tag: archive/raspbian/3.6.9-4+rpi1^2~212
X-Git-Url: https://dgit.raspbian.org/%22http://www.example.com/cgi/%22/%22http:/www.example.com/cgi/%22?a=commitdiff_plain;h=35d06069aeedefc474ffe3d73a541e7e76eb2a1a;p=dcmtk.git

d/p/10:Add fix for possible string overflow
---

diff --git a/debian/patches/10_correct_format_output_size.patch b/debian/patches/10_correct_format_output_size.patch
new file mode 100644
index 00000000..11fbd884
--- /dev/null
+++ b/debian/patches/10_correct_format_output_size.patch
@@ -0,0 +1,19 @@
+Author: Gert Wollny <gw.fossdev@gmail.com>
+Description: Fix warning about writing beyond end of character array. 
+ Actually, the overflow is _very_unlikely, because having a series with 
+ more  then one million frames in a series is highly unlikely, but this 
+ fix has no relevant implications on the memory and runtime footprint of 
+ the code. 
+Last-Changed: 2017-09-06
+ 
+--- a/dcmnet/apps/storescp.cc
++++ b/dcmnet/apps/storescp.cc
+@@ -2470,7 +2470,7 @@
+     // determine the new file name: The first two characters of the old file name make up the [modality-prefix].
+     // The value for [consecutive-numbering] will be determined using the counter variable.
+     char modalityId[3];
+-    char newFileName[9];
++    char newFileName[13];
+     if (opt_timeNames)
+     {
+       // modality prefix are the first 2 characters after serial number (if present)
diff --git a/debian/patches/series b/debian/patches/series
index fe414400..17b50fc4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -7,3 +7,4 @@
 07_dont_export_all_executables.patch
 08_remove_system_processor.patch
 09_fix_format_on_32bit.patch
+10_correct_format_output_size.patch