author | lkundrak <lkundrak@pkgsrc.org> | 2007-07-04 13:17:11 +0000 |
---|---|---|
committer | lkundrak <lkundrak@pkgsrc.org> | 2007-07-04 13:17:11 +0000 |
commit | aa197b45249e6f3f9d245533dac6b055ab16344e (patch) | |
tree | 7cc3405ebafcbbf4b4f3bbc4b8dffd66d61ff973 /graphics/gimp/patches/patch-ae | |
parent | 6241f57df823817601c076fcdd29f7408daf0f72 (diff) | |
download | pkgsrc-aa197b45249e6f3f9d245533dac6b055ab16344e.tar.gz |
Fix for CVE-2007-2949 heap overflow in PSD code. Bump PKGREVISION.
Diffstat (limited to 'graphics/gimp/patches/patch-ae')
-rw-r--r-- | graphics/gimp/patches/patch-ae | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/graphics/gimp/patches/patch-ae b/graphics/gimp/patches/patch-ae
new file mode 100644
index 00000000000..f3e89842c19
--- /dev/null
+++ b/graphics/gimp/patches/patch-ae
@@ -0,0 +1,19 @@
+$NetBSD: patch-ae,v 1.6.6.1 2007/07/04 13:17:12 lkundrak Exp $
+
+Fix for CVE-2007-2949 heap overflow from upstream.
+
+--- plug-ins/common/psd.c.orig 2007-07-04 15:11:22.000000000 +0200
++++ plug-ins/common/psd.c
+@@ -1202,6 +1202,12 @@ seek_to_and_unpack_pixeldata(FILE* fd, g
+ width = channel->width;
+ height = channel->height;
+
++ if (width > G_MAXINT16 || height > G_MAXINT16)
++ {
++ g_message ("Error: Invalid channel dimensions");
++ gimp_quit ();
++ }
++
+ IFDBG
+ {
+ printf("\t\t\tLayer (%d) Channel (%d:%d) Compression: %d (%s)\n", |
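Review bot: The added guard in seek_to_and_unpack_pixeldata only rejects dimensions above G_MAXINT16, so whether it also stops negative values depends on the declared types of `width` and `height`, which are outside the hunk. If they are signed, a file-supplied `channel->width` or `channel->height` with the high bit set would compare as negative and pass the check, so the condition would be safer as `if (width < 0 || height < 0 || width > G_MAXINT16 || height > G_MAXINT16)`. The check also sits at this one point of use, so any other reader of `channel->width`/`channel->height` (not visible here) presumably remains unbounded and is worth confirming. Separately, the patch header says "from upstream" without saying which upstream change it backports; a line such as `Upstream fix: <upstream revision or URL>` would let a later audit confirm the backport matches. The function body begins and continues outside the hunk.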