diff options
author | nectar <nectar@FreeBSD.org> | 2005-01-21 23:20:34 +0800 |
---|---|---|
committer | nectar <nectar@FreeBSD.org> | 2005-01-21 23:20:34 +0800 |
commit | 81de51dc29a1a92594a0d7ef82b3a7019ef8b93a (patch) | |
tree | c8497321f6e5d9e837d7e4af11ab2750f04dd77e /graphics | |
parent | 3db838f85601e9b18671e625ae40f5c978fe2987 (diff) | |
download | freebsd-ports-gnome-81de51dc29a1a92594a0d7ef82b3a7019ef8b93a.tar.gz freebsd-ports-gnome-81de51dc29a1a92594a0d7ef82b3a7019ef8b93a.tar.zst freebsd-ports-gnome-81de51dc29a1a92594a0d7ef82b3a7019ef8b93a.zip |
Correct serious bugs in imlib2's xpm loader.
Obtained from: enlightenment CVS
Security: http://vuxml.freebsd.org/2001103a-6bbd-11d9-851d-000a95bc6fae.html
Diffstat (limited to 'graphics')
-rw-r--r-- | graphics/imlib2/Makefile | 2 | ||||
-rw-r--r-- | graphics/imlib2/files/patch-security-1 | 90 |
2 files changed, 91 insertions, 1 deletions
diff --git a/graphics/imlib2/Makefile b/graphics/imlib2/Makefile index 4b455aee63e3..75fe904daf83 100644 --- a/graphics/imlib2/Makefile +++ b/graphics/imlib2/Makefile @@ -7,7 +7,7 @@ PORTNAME= imlib2 PORTVERSION= 1.1.2 -PORTREVISION= 0 +PORTREVISION= 1 CATEGORIES= graphics MASTER_SITES= ${MASTER_SITE_SOURCEFORGE} MASTER_SITE_SUBDIR= enlightenment diff --git a/graphics/imlib2/files/patch-security-1 b/graphics/imlib2/files/patch-security-1 new file mode 100644 index 000000000000..520160f14fed --- /dev/null +++ b/graphics/imlib2/files/patch-security-1 @@ -0,0 +1,90 @@ +=================================================================== +RCS file: /cvsroot/enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c,v +retrieving revision 1.2 +retrieving revision 1.3 +diff -u -r1.2 -r1.3 +--- enlightenment/e17/libs/imlib2/src/modules/loaders/loader_xpm.c 2004/12/14 03:50:46 1.2 ++++ loaders/loader_xpm.c 2005/01/04 03:34:03 1.3 +@@ -192,37 +192,37 @@ + { + /* Header */ + sscanf(line, "%i %i %i %i", &w, &h, &ncolors, &cpp); +- if (ncolors > 32766) ++ if ((ncolors > 32766) || (ncolors < 1)) + { + fprintf(stderr, +- "IMLIB ERROR: XPM files with colors > 32766 not supported\n"); ++ "IMLIB ERROR: XPM files with colors > 32766 or < 1 not supported\n"); + free(line); + fclose(f); + xpm_parse_done(); + return 0; + } +- if (cpp > 5) ++ if ((cpp > 5) || (cpp < 1)) + { + fprintf(stderr, +- "IMLIB ERROR: XPM files with characters per pixel > 5 not supported\n"); ++ "IMLIB ERROR: XPM files with characters per pixel > 5 or < 1not supported\n"); + free(line); + fclose(f); + xpm_parse_done(); + return 0; + } +- if (w > 32767) ++ if ((w > 32767) || (w < 1)) + { + fprintf(stderr, +- "IMLIB ERROR: Image width > 32767 pixels for file\n"); ++ "IMLIB ERROR: Image width > 32767 or < 1 pixels for file\n"); + free(line); + fclose(f); + xpm_parse_done(); + return 0; + } +- if (h > 32767) ++ if ((h > 32767) || (h < 1)) + { + fprintf(stderr, +- "IMLIB ERROR: Image height > 32767 pixels for file\n"); ++ "IMLIB ERROR: Image height > 32767 or < 1 pixels for file\n"); + free(line); + fclose(f); + xpm_parse_done(); +@@ -284,9 +284,14 @@ + if (k >= len) + { + if (col[0]) +- strcat(col, " "); ++ { ++ if (strlen(col) < ( sizeof(col) - 2)) ++ strcat(col, " "); ++ else ++ done = 1; ++ } + if (strlen(col) + strlen(s) < +- sizeof(col)) ++ (sizeof(col) - 1)) + strcat(col, s); + } + if (col[0]) +@@ -322,9 +327,16 @@ + } + else + { +- if (col[0]) +- strcat(col, " "); +- strcat(col, s); ++ if (col[0]) ++ { ++ if (strlen(col) < ( sizeof(col) - 2)) ++ strcat(col, " "); ++ else ++ done = 1; ++ } ++ if (strlen(col) + strlen(s) < ++ (sizeof(col) - 1)) ++ strcat(col, s); + } + } + } |