giflib: fix CVEs
Patches taken from Fedora Signed-off-by: Rosen Penev <rosenp@gmail.com>
parent
1974a441d5
commit
9c35e63608
|
@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk
|
|||
|
||||
PKG_NAME:=giflib
|
||||
PKG_VERSION:=5.2.1
|
||||
PKG_RELEASE:=1
|
||||
PKG_RELEASE:=2
|
||||
|
||||
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
|
||||
PKG_SOURCE_URL:=@SF/giflib
|
||||
|
|
|
@ -0,0 +1,14 @@
|
|||
--- a/gif2rgb.c
|
||||
+++ b/gif2rgb.c
|
||||
@@ -294,6 +294,11 @@ static void DumpScreen2RGB(char *FileNam
|
||||
GifRow = ScreenBuffer[i];
|
||||
GifQprintf("\b\b\b\b%-4d", ScreenHeight - i);
|
||||
for (j = 0, BufferP = Buffer; j < ScreenWidth; j++) {
|
||||
+ /* Check if color is within color palete */
|
||||
+ if (GifRow[j] >= ColorMap->ColorCount)
|
||||
+ {
|
||||
+ GIF_EXIT(GifErrorString(D_GIF_ERR_IMAGE_DEFECT));
|
||||
+ }
|
||||
ColorMapEntry = &ColorMap->Colors[GifRow[j]];
|
||||
*BufferP++ = ColorMapEntry->Red;
|
||||
*BufferP++ = ColorMapEntry->Green;
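Review bot: The new range check guards only the `ColorMap->Colors[GifRow[j]]` lookup in this one loop of DumpScreen2RGB, whose body starts and ends outside the hunk. The `*BufferP++` writes suggest this is the single-output-file path; if the function has another loop that indexes the colour table with a pixel value read from the image, it needs the same `GifRow[j] >= ColorMap->ColorCount` test, otherwise a malformed GIF can still read past the table there. The patch file also has no header, unlike the getarg.c patch in this commit; a short `Description:`/`Origin:` block naming the upstream bug it addresses would let a later version bump decide whether the patch can be dropped. A comment such as `/* Pixel values come from the file; reject indices beyond the colour table. */` would state why the check exists.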
|
|
@ -0,0 +1,24 @@
|
|||
Description: Fix segmentation faults due to non correct checking for args
|
||||
Author: David Suárez <david.sephirot@gmail.com>
|
||||
Origin: vendor
|
||||
Bug: https://sourceforge.net/p/giflib/bugs/153/
|
||||
Bug-Debian: https://bugs.debian.org/715963
|
||||
Bug-Debian: https://bugs.debian.org/715964
|
||||
Bug-Debian: https://bugs.debian.org/715967
|
||||
Last-Update: 2020-12-20
|
||||
|
||||
--- a/getarg.c
|
||||
+++ b/getarg.c
|
||||
@@ -307,6 +307,12 @@ GAGetParmeters(void *Parameters[],
|
||||
int i = 0, ScanRes;
|
||||
|
||||
while (!(ISSPACE(CtrlStrCopy[i]))) {
|
||||
+
|
||||
+ if ((*argv) == argv_end) {
|
||||
+ GAErrorToken = Option;
|
||||
+ return CMD_ERR_NumRead;
|
||||
+ }
|
||||
+
|
||||
switch (CtrlStrCopy[i + 1]) {
|
||||
case 'd': /* Get signed integers. */
|
||||
ScanRes = sscanf(*((*argv)++), "%d",
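Review bot: The guard `if ((*argv) == argv_end)` stops only on exact equality, so it appears to depend on `*argv` never advancing by more than one between checks. Writing it as `if ((*argv) >= argv_end) {` would also cover a case further down the switch (outside this hunk) that consumes several arguments in one iteration. Returning `CMD_ERR_NumRead` reports a number-read failure even when the missing value belongs to a non-numeric option; if that reuse is intended, a comment such as `/* Option expects a value but the command line is exhausted. */` above the check would make it clear. GAGetParmeters continues beyond the hunk, so the remaining cases are not covered by this note.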
|