From: Dr. Werner Fink <werner@suse.de>
Subject: Fix stack-based buffer overflow by processing certain FIG images.
 Closes: 606257: CVE-2010-4262: Buffer overflow
Bug: https://bugzilla.redhat.com/show_bug.cgi?id=659676
Bug-Debian: http://bugs.debian.org/606257

--- a/w_msgpanel.c
+++ b/w_msgpanel.c
@@ -60,7 +60,7 @@
 /* for the popup message (file_msg) window */
 
 static int	file_msg_length=0;
-static char	tmpstr[300];
+static char	tmpstr[512];
 static Widget	file_msg_panel,
 		file_msg_win, file_msg_dismiss;
 
@@ -582,8 +582,8 @@
     }
 
     va_start(ap, format);
-    /* format the string */
-    vsprintf(tmpstr, format, ap);
+    /* format the string (but leave room for \n and \0) */
+    vsnprintf(tmpstr, sizeof(tmpstr)-2, format, ap);
     va_end(ap);
 
     strcat(tmpstr,"\n");
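Review bot: The added `vsnprintf` call ignores its return value, so a message longer than the buffer is cut short without any indication, and a negative (error) return may leave `tmpstr` with unspecified contents before the `strcat` that follows. The bound `sizeof(tmpstr)-2` is also one byte more conservative than the comment suggests, because vsnprintf's size argument already counts the terminating NUL; `vsnprintf(tmpstr, sizeof(tmpstr)-1, format, ap);` with the comment `/* size includes the \0; keep one byte for the \n appended below */` would be exact. `tmpstr` is a file-scope buffer (resized in the first hunk), so any other writer in w_msgpanel.c that this patch does not show should be checked for the same unbounded formatting. The enclosing function starts and ends outside the hunk.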