nss/sign-sprintf-check.patch

diff -up ./nss/cmd/signtool/sign.c.org ./nss/cmd/signtool/sign.c
--- ./nss/cmd/signtool/sign.c.org	2018-01-18 15:19:59.000000000 +0100
+++ ./nss/cmd/signtool/sign.c	2018-01-29 22:46:32.599450048 +0100
@@ -83,7 +83,12 @@ SignArchive(char *tree, char *keyName, c
         /* rsa/dsa to zip */
         sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
                                                                    : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        if (snprintf(fullfn, FNSIZE, "%s/%s", tree, tempfn) >= FNSIZE) {
+            PR_fprintf(errorFD, "buffer overflow, the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n",
+                       tree);
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
         /* Loop through all files & subdirectories, add to archive */
@@ -93,12 +98,22 @@ SignArchive(char *tree, char *keyName, c
     }
     /* mf to zip */
     strcpy(tempfn, "META-INF/manifest.mf");
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    if (snprintf(fullfn, FNSIZE, "%s/%s", tree, tempfn) >= FNSIZE) {
+        PR_fprintf(errorFD, "buffer overflow, the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n",
+                   tree);
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* sf to zip */
     sprintf(tempfn, "META-INF/%s.sf", base);
-    sprintf(fullfn, "%s/%s", tree, tempfn);
+    if (snprintf(fullfn, FNSIZE, "%s/%s", tree, tempfn) >= FNSIZE) {
+        PR_fprintf(errorFD, "buffer overflow, the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n",
+                   tree);
+        errorCount++;
+        exit(ERRX);
+    }
     JzipAdd(fullfn, tempfn, zipfile, compression_level);
 
     /* Add the rsa/dsa file to the zip archive normally */
@@ -106,7 +121,12 @@ SignArchive(char *tree, char *keyName, c
         /* rsa/dsa to zip */
         sprintf(tempfn, "META-INF/%s.%s", base, (keyType == dsaKey ? "dsa"
                                                                    : "rsa"));
-        sprintf(fullfn, "%s/%s", tree, tempfn);
+        if (snprintf(fullfn, FNSIZE, "%s/%s", tree, tempfn) >= FNSIZE) {
+            PR_fprintf(errorFD, "buffer overflow, the tree \"%s\" was NOT SUCCESSFULLY SIGNED\n",
+                       tree);
+            errorCount++;
+            exit(ERRX);
+        }
         JzipAdd(fullfn, tempfn, zipfile, compression_level);
     }