diff options
Diffstat (limited to 'meta/recipes-graphics/pango/pango')
-rw-r--r-- | meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch b/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch new file mode 100644 index 0000000000..5b0c342f49 --- /dev/null +++ b/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch | |||
@@ -0,0 +1,38 @@ | |||
1 | From 490f8979a260c16b1df055eab386345da18a2d54 Mon Sep 17 00:00:00 2001 | ||
2 | From: Matthias Clasen <mclasen@redhat.com> | ||
3 | Date: Wed, 10 Jul 2019 20:26:23 -0400 | ||
4 | Subject: [PATCH] bidi: Be safer against bad input | ||
5 | |||
6 | Don't run off the end of an array that we | ||
7 | allocated to certain length. | ||
8 | |||
9 | Closes: https://gitlab.gnome.org/GNOME/pango/issues/342 | ||
10 | |||
11 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54] | ||
12 | CVE: CVE-2019-1010238 | ||
13 | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> | ||
14 | --- | ||
15 | pango/pango-bidi-type.c | 7 +++++-- | ||
16 | 1 file changed, 5 insertions(+), 2 deletions(-) | ||
17 | |||
18 | diff --git a/pango/pango-bidi-type.c b/pango/pango-bidi-type.c | ||
19 | index 3e46b66c..5c02dbbb 100644 | ||
20 | --- a/pango/pango-bidi-type.c | ||
21 | +++ b/pango/pango-bidi-type.c | ||
22 | @@ -181,8 +181,11 @@ pango_log2vis_get_embedding_levels (const gchar *text, | ||
23 | for (i = 0, p = text; p < text + length; p = g_utf8_next_char(p), i++) | ||
24 | { | ||
25 | gunichar ch = g_utf8_get_char (p); | ||
26 | - FriBidiCharType char_type; | ||
27 | - char_type = fribidi_get_bidi_type (ch); | ||
28 | + FriBidiCharType char_type = fribidi_get_bidi_type (ch); | ||
29 | + | ||
30 | + if (i == n_chars) | ||
31 | + break; | ||
32 | + | ||
33 | bidi_types[i] = char_type; | ||
34 | ored_types |= char_type; | ||
35 | if (FRIBIDI_IS_STRONG (char_type)) | ||
36 | -- | ||
37 | 2.21.0 | ||
38 | |||