/[packages]/updates/5/gimp/current/SOURCES/Bug-790853-CVE-2017-17787-heap-overread-in-psp-impor.patch
ViewVC logotype

Annotation of /updates/5/gimp/current/SOURCES/Bug-790853-CVE-2017-17787-heap-overread-in-psp-impor.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1188362 - (hide annotations) (download)
Sun Dec 31 16:02:57 2017 UTC (18 months, 2 weeks ago) by luigiwalser
File size: 1261 byte(s)
add patches from debian to fix CVE-2017-1778[4-9]
1 luigiwalser 1188362 From: Jehan <jehan@girinstud.io>
2     Date: Thu, 21 Dec 2017 12:49:41 +0100
3     Subject: Bug 790853 - (CVE-2017-17787) heap overread in psp importer.
4     Origin: https://git.gnome.org/browse/GIMP/commit/?id=87ba505fff85989af795f4ab6a047713f4d9381d
5     Bug-Debian-Security: https://security-tracker.debian.org/tracker/CVE-2017-17787
6     Bug-Debian: https://bugs.debian.org/884927
7     Bug: https://bugzilla.gnome.org/show_bug.cgi?id=790853
8    
9     As any external data, we have to check that strings being read at fixed
10     length are properly nul-terminated.
11    
12     (cherry picked from commit eb2980683e6472aff35a3117587c4f814515c74d)
13     ---
14     plug-ins/common/file-psp.c | 6 ++++++
15     1 file changed, 6 insertions(+)
16    
17     diff --git a/plug-ins/common/file-psp.c b/plug-ins/common/file-psp.c
18     index 4cbafe37b1..e350e4d88d 100644
19     --- a/plug-ins/common/file-psp.c
20     +++ b/plug-ins/common/file-psp.c
21     @@ -890,6 +890,12 @@ read_creator_block (FILE *f,
22     g_free (string);
23     return -1;
24     }
25     + if (string[length - 1] != '\0')
26     + {
27     + g_message ("Creator keyword data not nul-terminated");
28     + g_free (string);
29     + return -1;
30     + }
31     switch (keyword)
32     {
33     case PSP_CRTR_FLD_TITLE:
34     --
35     2.15.1
36    

  ViewVC Help
Powered by ViewVC 1.1.26