authorhe <he@pkgsrc.org>2012-05-25 08:31:35 +0000
committerhe <he@pkgsrc.org>2012-05-25 08:31:35 +0000
commitd32e835f384386ed1b5e5749ffa52cc5dc07a6f7 (patch)
treea284b355f7dc7eb310309d3d06e2857b6f50e7c7 /graphics/gdk-pixbuf
parent31ccaca5a32c881ef9b6b5f9f78785b4eecdf5b2 (diff)
Add fix for http://secunia.com/advisories/49125/, taken from
http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
Diffstat (limited to 'graphics/gdk-pixbuf')
-rw-r--r--graphics/gdk-pixbuf/patches/patch-ao35
1 files changed, 35 insertions, 0 deletions
diff --git a/graphics/gdk-pixbuf/patches/patch-ao b/graphics/gdk-pixbuf/patches/patch-ao
new file mode 100644
index 00000000000..be27cc78662
--- /dev/null
+++ b/graphics/gdk-pixbuf/patches/patch-ao
@@ -0,0 +1,35 @@
+$NetBSD: patch-ao,v 1.1 2012/05/25 08:31:35 he Exp $
+
+Add fix for http://secunia.com/advisories/49125/, taken from
+http://bugzilla-attachments.gnome.org/attachment.cgi?id=212053.
+
+--- gdk-pixbuf/io-xbm.c.orig 2001-01-21 04:13:40.000000000 +0000
++++ gdk-pixbuf/io-xbm.c
+@@ -177,10 +177,16 @@ read_bitmap_file_data (FILE *fstream,
+ type++;
+ }
+
+- if (!strcmp ("width", type))
++ if (!strcmp ("width", type)) {
++ if (value <= 0)
++ RETURN (FALSE);
+ ww = (unsigned int) value;
+- if (!strcmp ("height", type))
++ }
++ if (!strcmp ("height", type)) {
++ if (value <= 0)
++ RETURN (FALSE);
+ hh = (unsigned int) value;
++ }
+ if (!strcmp ("hot", type)) {
+ if (type-- == name_and_type
+ || type-- == name_and_type)
+@@ -221,6 +227,8 @@ read_bitmap_file_data (FILE *fstream,
+ bytes_per_line = (ww+7)/8 + padding;
+
+ size = bytes_per_line * hh;
++ if (size / bytes_per_line != hh) /* overflow */
++ RETURN (FALSE);
+ bits = g_malloc (size);
+
+ if (version10p) {
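Review bot: The overflow test added after `size = bytes_per_line * hh;` runs once the multiplication has already happened, so whether it catches every wrapped product depends on the declared types of `size`, `bytes_per_line` and `hh`, none of which are visible in this hunk. A check placed before the multiplication does not rely on wraparound or on a signed/unsigned conversion: `if (hh > G_MAXINT / bytes_per_line) RETURN (FALSE);`. Dividing by `bytes_per_line` is safe only because the new `value <= 0` guards force `ww` to be at least 1 whenever a width line is parsed; a file with no width line at all would have to be rejected by code outside the hunk, which should be confirmed. The guards also bound width and height only from below, so a large but non-overflowing pair taken from an untrusted XBM header still reaches `g_malloc (size)`; a one-line comment saying whether an upper limit is enforced elsewhere would help. The body of read_bitmap_file_data starts and ends outside the hunk.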