diff options
| -rw-r--r-- | meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch | 38 | ||||
| -rw-r--r-- | meta/recipes-graphics/pango/pango_1.42.4.bb | 4 |
2 files changed, 41 insertions, 1 deletions
diff --git a/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch b/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch new file mode 100644 index 0000000000..5b0c342f49 --- /dev/null +++ b/meta/recipes-graphics/pango/pango/CVE-2019-1010238.patch | |||
| @@ -0,0 +1,38 @@ | |||
| 1 | From 490f8979a260c16b1df055eab386345da18a2d54 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Matthias Clasen <mclasen@redhat.com> | ||
| 3 | Date: Wed, 10 Jul 2019 20:26:23 -0400 | ||
| 4 | Subject: [PATCH] bidi: Be safer against bad input | ||
| 5 | |||
| 6 | Don't run off the end of an array that we | ||
| 7 | allocated to certain length. | ||
| 8 | |||
| 9 | Closes: https://gitlab.gnome.org/GNOME/pango/issues/342 | ||
| 10 | |||
| 11 | Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/pango/commit/490f8979a260c16b1df055eab386345da18a2d54] | ||
| 12 | CVE: CVE-2019-1010238 | ||
| 13 | Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> | ||
| 14 | --- | ||
| 15 | pango/pango-bidi-type.c | 7 +++++-- | ||
| 16 | 1 file changed, 5 insertions(+), 2 deletions(-) | ||
| 17 | |||
| 18 | diff --git a/pango/pango-bidi-type.c b/pango/pango-bidi-type.c | ||
| 19 | index 3e46b66c..5c02dbbb 100644 | ||
| 20 | --- a/pango/pango-bidi-type.c | ||
| 21 | +++ b/pango/pango-bidi-type.c | ||
| 22 | @@ -181,8 +181,11 @@ pango_log2vis_get_embedding_levels (const gchar *text, | ||
| 23 | for (i = 0, p = text; p < text + length; p = g_utf8_next_char(p), i++) | ||
| 24 | { | ||
| 25 | gunichar ch = g_utf8_get_char (p); | ||
| 26 | - FriBidiCharType char_type; | ||
| 27 | - char_type = fribidi_get_bidi_type (ch); | ||
| 28 | + FriBidiCharType char_type = fribidi_get_bidi_type (ch); | ||
| 29 | + | ||
| 30 | + if (i == n_chars) | ||
| 31 | + break; | ||
| 32 | + | ||
| 33 | bidi_types[i] = char_type; | ||
| 34 | ored_types |= char_type; | ||
| 35 | if (FRIBIDI_IS_STRONG (char_type)) | ||
| 36 | -- | ||
| 37 | 2.21.0 | ||
| 38 | |||
diff --git a/meta/recipes-graphics/pango/pango_1.42.4.bb b/meta/recipes-graphics/pango/pango_1.42.4.bb index f3be9f44e1..1e1a5b8bfd 100644 --- a/meta/recipes-graphics/pango/pango_1.42.4.bb +++ b/meta/recipes-graphics/pango/pango_1.42.4.bb | |||
| @@ -16,7 +16,9 @@ GNOMEBASEBUILDCLASS = "meson" | |||
| 16 | inherit gnomebase gtk-doc ptest-gnome upstream-version-is-even gobject-introspection | 16 | inherit gnomebase gtk-doc ptest-gnome upstream-version-is-even gobject-introspection |
| 17 | 17 | ||
| 18 | SRC_URI += "file://run-ptest \ | 18 | SRC_URI += "file://run-ptest \ |
| 19 | file://insensitive-diff.patch" | 19 | file://insensitive-diff.patch \ |
| 20 | file://CVE-2019-1010238.patch \ | ||
| 21 | " | ||
| 20 | 22 | ||
| 21 | SRC_URI[archive.md5sum] = "deb171a31a3ad76342d5195a1b5bbc7c" | 23 | SRC_URI[archive.md5sum] = "deb171a31a3ad76342d5195a1b5bbc7c" |
| 22 | SRC_URI[archive.sha256sum] = "1d2b74cd63e8bd41961f2f8d952355aa0f9be6002b52c8aa7699d9f5da597c9d" | 24 | SRC_URI[archive.sha256sum] = "1d2b74cd63e8bd41961f2f8d952355aa0f9be6002b52c8aa7699d9f5da597c9d" |
