Archives
Archives
| From: | "Peter Volkov (pva)" <pva@g.o> |
|---|---|
| To: | gentoo-commits@l.g.o |
| Subject: | [gentoo-commits] gentoo-x86 commit in net-print/cups/files: cups-1.3.6-CVE-2008-1373.patch |
| Date: | Tue, 01 Apr 2008 19:34:40 |
| Message-Id: | E1JgmFi-0006SF-56@stork.gentoo.org |
| 1 | pva 08/04/01 19:34:38 |
| 2 | |
| 3 | Added: cups-1.3.6-CVE-2008-1373.patch |
| 4 | Log: |
| 5 | Fixing overflow in gif image filter, security bug #214068, thank Robert Buchholz for report. |
| 6 | (Portage version: 2.1.4.4) |
| 7 | |
| 8 | Revision Changes Path |
| 9 | 1.1 net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch |
| 10 | |
| 11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch?rev=1.1&view=markup |
| 12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/net-print/cups/files/cups-1.3.6-CVE-2008-1373.patch?rev=1.1&content-type=text/plain |
| 13 | |
| 14 | Index: cups-1.3.6-CVE-2008-1373.patch |
| 15 | =================================================================== |
| 16 | Index: cups-1.3.6/filter/image-gif.c |
| 17 | =================================================================== |
| 18 | --- cups-1.3.6.orig/filter/image-gif.c |
| 19 | +++ cups-1.3.6/filter/image-gif.c |
| 20 | @@ -38,6 +38,8 @@ |
| 21 | #define GIF_INTERLACE 0x40 |
| 22 | #define GIF_COLORMAP 0x80 |
| 23 | |
| 24 | +#define MAX_LWZ_BITS 12 |
| 25 | + |
| 26 | typedef cups_ib_t gif_cmap_t[256][4]; |
| 27 | typedef short gif_table_t[4096]; |
| 28 | |
| 29 | @@ -462,6 +464,9 @@ gif_read_image(FILE *fp, /* I - |
| 30 | pass = 0; |
| 31 | code_size = getc(fp); |
| 32 | |
| 33 | + if (code_size > MAX_LWZ_BITS) |
| 34 | + return (-1); |
| 35 | + |
| 36 | if (!pixels) |
| 37 | return (-1); |
| 38 | |
| 39 | |
| 40 | |
| 41 | |
| 42 | -- |
| 43 | gentoo-commits@l.g.o mailing list |