From ac316634e4452bcf97ff8ebc5fbabf27337a16dd Mon Sep 17 00:00:00 2001
From: Yuuki Harano <masm-emacs@masm11.ddo.jp>
Date: Fri, 1 Dec 2017 19:31:16 +0000
Subject: [PATCH] Fix buffer overflow in fontname conversion (Bug#29523)

* src/nsterm.m (ns_xlfd_to_fontname): Fix sscanf format.

Copyright-paperwork-exempt: yes
---
 src/nsterm.m | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/nsterm.m b/src/nsterm.m
index 59a42eed887..50e06c94d45 100644
--- a/src/nsterm.m
+++ b/src/nsterm.m
@@ -9152,9 +9152,9 @@ ns_xlfd_to_fontname (const char *xlfd)
   const char *ret;
 
   if (!strncmp (xlfd, "--", 2))
-    sscanf (xlfd, "--%*[^-]-%[^-]179-", name);
+    sscanf (xlfd, "--%*[^-]-%179[^-]-", name);
   else
-    sscanf (xlfd, "-%*[^-]-%[^-]179-", name);
+    sscanf (xlfd, "-%*[^-]-%179[^-]-", name);
 
   /* stopgap for malformed XLFD input */
   if (strlen (name) == 0)
-- 
2.39.2