daftaupe/opt
1
0
Fork 0
forked from ports/opt
Code Pull Requests Activity

[notify] imlib2: updated to 1.4.8

Browse Source 
Security fix:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785369
This commit is contained in:
Jose V Beneyto 2016-04-12 11:39:29 +02:00
parent ccd9ed474b
commit 1f4fa45042
4 changed files with 51 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
imlib2/.footprint
View File

@ -27,6 +27,8 @@ drwxr-xr-x root/root usr/lib/imlib2/loaders/
-rwxr-xr-x root/root usr/lib/imlib2/loaders/bmp.so
-rwxr-xr-x root/root usr/lib/imlib2/loaders/bz2.la
-rwxr-xr-x root/root usr/lib/imlib2/loaders/bz2.so
-rwxr-xr-x root/root usr/lib/imlib2/loaders/ff.la
-rwxr-xr-x root/root usr/lib/imlib2/loaders/ff.so
-rwxr-xr-x root/root usr/lib/imlib2/loaders/gif.la
-rwxr-xr-x root/root usr/lib/imlib2/loaders/gif.so
-rwxr-xr-x root/root usr/lib/imlib2/loaders/id3.la
@ -49,9 +51,9 @@ drwxr-xr-x root/root usr/lib/imlib2/loaders/
-rwxr-xr-x root/root usr/lib/imlib2/loaders/zlib.so
-rw-r--r-- root/root usr/lib/libImlib2.a
-rwxr-xr-x root/root usr/lib/libImlib2.la
lrwxrwxrwx root/root usr/lib/libImlib2.so -> libImlib2.so.1.4.7
lrwxrwxrwx root/root usr/lib/libImlib2.so.1 -> libImlib2.so.1.4.7
-rwxr-xr-x root/root usr/lib/libImlib2.so.1.4.7
lrwxrwxrwx root/root usr/lib/libImlib2.so -> libImlib2.so.1.4.8
lrwxrwxrwx root/root usr/lib/libImlib2.so.1 -> libImlib2.so.1.4.8
-rwxr-xr-x root/root usr/lib/libImlib2.so.1.4.8
drwxr-xr-x root/root usr/lib/pkgconfig/
-rw-r--r-- root/root usr/lib/pkgconfig/imlib2.pc
drwxr-xr-x root/root usr/share/

3
imlib2/.md5sum
View File

@ -1 +1,2 @@
f2f1418c376da6125453f90f2d58d938 imlib2-1.4.7.tar.bz2
80d8aeb7b04c8809ba4a3e3a0e0aad01 imlib2-1.4.8-gif-oob.patch
97cf1007b0339102974ce20c8f17c249 imlib2-1.4.8.tar.bz2

7
imlib2/Pkgfile
View File

@ -5,13 +5,16 @@
# Depends on: freetype, libid3tag, libpng, libtiff, giflib, xorg-libsm, xorg-libxext
name=imlib2
version=1.4.7
version=1.4.8
release=1
source=(http://download.sourceforge.net/enlightenment/$name-$version.tar.bz2)
source=(http://download.sourceforge.net/enlightenment/$name-$version.tar.bz2 \
https://gitweb.gentoo.org/repo/gentoo.git/plain/media-libs/$name/files/$name-$version-gif-oob.patch)
build() {
cd $name-$version
patch -p1 -i $SRC/$name-$version-gif-oob.patch
./configure --prefix=/usr
make

39
imlib2/imlib2-1.4.8-gif-oob.patch Normal file
View File

@ -0,0 +1,39 @@
From 16de244bd03d2f75da6508feb1ad9cb4e668e9dc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Bernhard=20=C3=9Cbelacker?= <bernhardu@vr-web.de>
Date: Sat, 2 Apr 2016 13:05:21 -0400
Subject: [PATCH] gif: fix oob reads w/bad colormaps
Verify the color map is inbounds before indexing with it.
https://bugs.debian.org/785369
---
src/modules/loaders/loader_gif.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/modules/loaders/loader_gif.c b/src/modules/loaders/loader_gif.c
index 638df59..7bdf29c 100644
--- a/src/modules/loaders/loader_gif.c
+++ b/src/modules/loaders/loader_gif.c
@@ -170,9 +170,16 @@ load(ImlibImage * im, ImlibProgressFunction progress, char progress_granularity,
}
else
{
- r = cmap->Colors[rows[i][j]].Red;
- g = cmap->Colors[rows[i][j]].Green;
- b = cmap->Colors[rows[i][j]].Blue;
+ if (rows[i][j] < cmap->ColorCount)
+ {
+ r = cmap->Colors[rows[i][j]].Red;
+ g = cmap->Colors[rows[i][j]].Green;
+ b = cmap->Colors[rows[i][j]].Blue;
+ }
+ else
+ {
+ r = g = b = 0;
+ }
*ptr++ = (0xff << 24) | (r << 16) | (g << 8) | b;
}
per += per_inc;
--
2.7.4