~ubuntu-branches/ubuntu/raring/libjpeg6b/raring-updates


Viewing changes to debian/patches/CVE-2013-6630.patch

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2013-11-22 08:58:58 UTC
  • Revision ID: package-import@ubuntu.com-20131122085858-n5kmkin5z4e2fsrq
Tags: 6b1-3ubuntu1.13.04.1
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_sos function (LP: #1252912)
  - debian/patches/CVE-2013-6629.patch: check for duplications in
    jdmarker.c.
  - CVE-2013-6629
* SECURITY UPDATE: information disclosure via uninitialized memory in
  the get_dht function (LP: #1252912)
  - debian/patches/CVE-2013-6630.patch: properly clear out memory in
    jdmarker.c.
  - CVE-2013-6630

 
1
Description: fix information disclosure via uninitialized memory in
 
2
 the get_dht function
 
3
Origin: vendor, http://git.chromium.org/gitweb/?p=chromium/deps/libjpeg_turbo.git;a=commit;h=32cab49bd4cb1ce069a435fd75f9439c34ddc6f8
 
4
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/libjpeg-turbo/+bug/1252912
 
5
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=729867
 
6
 
 
7
Index: libjpeg6b-6b1/jdmarker.c
 
8
===================================================================
 
9
--- libjpeg6b-6b1.orig/jdmarker.c       2013-11-22 08:10:13.915093622 -0500
 
10
+++ libjpeg6b-6b1/jdmarker.c    2013-11-22 08:40:37.723140321 -0500
 
11
@@ -465,6 +465,7 @@
 
12
     for (i = 0; i < count; i++)
 
13
       INPUT_BYTE(cinfo, huffval[i], return FALSE);
 
14
 
 
15
+    MEMZERO(&huffval[count], (256 - count) * SIZEOF(UINT8));
 
16
     length -= count;
 
17
 
 
18
     if (index & 0x10) {                /* AC table definition */
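
Review bot: The length passed to the added MEMZERO, `(256 - count) * SIZEOF(UINT8)`, is only safe if count has already been limited to at most 256, and no such bound appears in the lines of this hunk. Please confirm the check exists earlier in get_dht; if count could exceed 256, the subtraction would go negative and become a very large size when converted for the clear. The literal 256 also duplicates the size of huffval, so deriving the length from the array itself, for example `SIZEOF(huffval) - count * SIZEOF(UINT8)`, would keep the two from drifting apart. A one-line comment saying that the tail is cleared so that unread entries never carry stale memory into the table would record why the line is there, since the patch description gives that reason but the code does not.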