From: | "Peter Volkov (pva)" <pva@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in net-print/cups/files: cups-1.3.6-CVE-2008-1373.patch |
Date: | Tue, 01 Apr 2008 19:34:40 |
Message-Id: | E1JgmFi-0006SF-56@stork.gentoo.org |
1 | pva 08/04/01 19:34:38 |
2 | |
3 | Added: cups-1.3.6-CVE-2008-1373.patch |
4 | Log: |
5 | Fixing overflow in gif image filter, security bug #214068, thank Robert Buchholz for report. |
6 | (Portage version: 2.1.4.4) |
7 | |
8 | Revision Changes Path |
9 | 1.1 net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch |
10 | |
11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch?rev=1.1&view=markup |
12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch?rev=1.1&content-type=text/plain |
13 | |
14 | Index: cups-1.3.6-CVE-2008-1373.patch |
15 | =================================================================== |
16 | Index: cups-1.3.6/filter/image-gif.c |
17 | =================================================================== |
18 | --- cups-1.3.6.orig/filter/image-gif.c |
19 | +++ cups-1.3.6/filter/image-gif.c |
20 | @@ -38,6 +38,8 @@ |
21 | #define GIF_INTERLACE 0x40 |
22 | #define GIF_COLORMAP 0x80 |
23 | |
24 | +#define MAX_LWZ_BITS 12 |
25 | + |
26 | typedef cups_ib_t gif_cmap_t[256][4]; |
27 | typedef short gif_table_t[4096]; |
28 | |
29 | @@ -462,6 +464,9 @@ gif_read_image(FILE *fp, /* I - |
30 | pass = 0; |
31 | code_size = getc(fp); |
32 | |
33 | + if (code_size > MAX_LWZ_BITS) |
34 | + return (-1); |
35 | + |
36 | if (!pixels) |
37 | return (-1); |
38 | |
39 | |
40 | |
41 | |
42 | -- |
43 | gentoo-commits@l.g.o mailing list |