authorlkundrak <lkundrak@pkgsrc.org>2007-07-04 13:17:11 +0000
committerlkundrak <lkundrak@pkgsrc.org>2007-07-04 13:17:11 +0000
commitaa197b45249e6f3f9d245533dac6b055ab16344e (patch)
tree7cc3405ebafcbbf4b4f3bbc4b8dffd66d61ff973 /graphics/gimp/patches/patch-ae
parent6241f57df823817601c076fcdd29f7408daf0f72 (diff)
Fix for CVE-2007-2949 heap overflow in PSD code. Bump PKGREVISION.
Diffstat (limited to 'graphics/gimp/patches/patch-ae')
-rw-r--r--graphics/gimp/patches/patch-ae19
1 files changed, 19 insertions, 0 deletions
diff --git a/graphics/gimp/patches/patch-ae b/graphics/gimp/patches/patch-ae
new file mode 100644
index 00000000000..f3e89842c19
--- /dev/null
+++ b/graphics/gimp/patches/patch-ae
@@ -0,0 +1,19 @@
+$NetBSD: patch-ae,v 1.6.6.1 2007/07/04 13:17:12 lkundrak Exp $
+
+Fix for CVE-2007-2949 heap overflow from upstream.
+
+--- plug-ins/common/psd.c.orig 2007-07-04 15:11:22.000000000 +0200
++++ plug-ins/common/psd.c
+@@ -1202,6 +1202,12 @@ seek_to_and_unpack_pixeldata(FILE* fd, g
+ width = channel->width;
+ height = channel->height;
+
++ if (width > G_MAXINT16 || height > G_MAXINT16)
++ {
++ g_message ("Error: Invalid channel dimensions");
++ gimp_quit ();
++ }
++
+ IFDBG
+ {
+ printf("\t\t\tLayer (%d) Channel (%d:%d) Compression: %d (%s)\n",
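Review bot: The guard added in seek_to_and_unpack_pixeldata bounds width and height only from above, and their declarations are outside this hunk, so if they are signed, a negative value taken from the file's channel record would still pass and reach whatever size arithmetic follows. In that case the test should read `if (width < 0 || height < 0 || width > G_MAXINT16 || height > G_MAXINT16)`. A comment above the check would also help, for example `/* dimensions come from the untrusted file; cap them so later size arithmetic cannot overflow (CVE-2007-2949) */`, because the allocation being protected is not visible here. The function body starts and ends outside the hunk, so it is worth confirming that no other path reads channel->width or channel->height without passing this check.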