summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch39
-rw-r--r--meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb1
2 files changed, 40 insertions, 0 deletions
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch
new file mode 100644
index 0000000000..d516e88ab5
--- /dev/null
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch
@@ -0,0 +1,39 @@
1From e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa Mon Sep 17 00:00:00 2001
2From: Benjamin Otte <otte@redhat.com>
3Date: Tue, 22 Sep 2015 22:44:51 +0200
4Subject: [PATCH] pixops: Don't overflow variables when shifting them
5
6If we shift by 16 bits we need to be sure those 16 bits actually exist.
7They do now.
8
9Upstream-status: Backport
10https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa
11
12CVE: CVE-2015-7674
13Signed-off-by: Armin Kuster <akuster@mvista.com>
14
15---
16 gdk-pixbuf/pixops/pixops.c | 10 +++++-----
17 1 file changed, 5 insertions(+), 5 deletions(-)
18
19Index: gdk-pixbuf-2.30.8/gdk-pixbuf/pixops/pixops.c
20===================================================================
21--- gdk-pixbuf-2.30.8.orig/gdk-pixbuf/pixops/pixops.c
22+++ gdk-pixbuf-2.30.8/gdk-pixbuf/pixops/pixops.c
23@@ -264,11 +264,11 @@ pixops_scale_nearest (guchar *des
24 double scale_x,
25 double scale_y)
26 {
27- int i;
28- int x;
29- int x_step = (1 << SCALE_SHIFT) / scale_x;
30- int y_step = (1 << SCALE_SHIFT) / scale_y;
31- int xmax, xstart, xstop, x_pos, y_pos;
32+ gint64 i;
33+ gint64 x;
34+ gint64 x_step = (1 << SCALE_SHIFT) / scale_x;
35+ gint64 y_step = (1 << SCALE_SHIFT) / scale_y;
36+ gint64 xmax, xstart, xstop, x_pos, y_pos;
37 const guchar *p;
38
39 #define INNER_LOOP(SRC_CHANNELS,DEST_CHANNELS,ASSIGN_PIXEL) \
diff --git a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb
index 07c2dcec16..5a858fb99f 100644
--- a/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb
+++ b/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb
@@ -19,6 +19,7 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \
19 file://run-ptest \ 19 file://run-ptest \
20 file://fatal-loader.patch \ 20 file://fatal-loader.patch \
21 file://0001-pixops-Be-more-careful-about-integer-overflow.patch \ 21 file://0001-pixops-Be-more-careful-about-integer-overflow.patch \
22 file://CVE-2015-7674.patch \
22 " 23 "
23 24
24SRC_URI[md5sum] = "4fed0d54432f1b69fc6e66e608bd5542" 25SRC_URI[md5sum] = "4fed0d54432f1b69fc6e66e608bd5542"