← Back to branch summary

~ubuntu-branches/ubuntu/utopic/gimp/utopic

« back to all changes in this revision

Viewing changes to debian/patches/06_CVE-2010-4543.patch

  • Committer: Package Import Robot
  • Author(s): Marc Deslauriers
  • Date: 2011-04-07 10:40:22 UTC
  • Revision ID: package-import@ubuntu.com-20110407104022-ka90cx60lwrf9ro7
Tags: 2.6.11-1ubuntu6
* SECURITY UPDATE: denial of service and possible code execution via
  malformed plugin configuration files
  - debian/patches/05_CVE-2010-454x.patch: fix format strings in
    plug-ins/{common/sphere-designer,gfig/gfig-style,
    lighting/lighting-ui}.c.
  - CVE-2010-4540
  - CVE-2010-4541
  - CVE-2010-4542
* SECURITY UPDATE: denial of service and possible code execution via
  malformed PSP image file
  - debian/patches/06_CVE-2010-4543.patch: fix buffer overflow in
    plug-ins/common/file-psp.c.
  - CVE-2010-4543

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/06_CVE-2010-4543.patch
 
1
Description: fix denial of service and possible code execution via
 
2
 malformed PSP image file
 
3
Origin: upstream, http://git.gnome.org/browse/gimp/commit/?id=48ec15890e1751dede061f6d1f469b6508c13439
 
4
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=608497
 
5
Bug: https://bugzilla.gnome.org/show_bug.cgi?id=639203
 
6
 
 
7
Index: gimp-2.6.11/plug-ins/common/file-psp.c
 
8
===================================================================
 
9
--- gimp-2.6.11.orig/plug-ins/common/file-psp.c 2011-04-07 10:55:48.556192230 -0400
 
10
+++ gimp-2.6.11/plug-ins/common/file-psp.c      2011-04-07 10:55:58.576192227 -0400
 
11
@@ -1244,6 +1244,10 @@
 
12
             }
 
13
           else
 
14
             fread (buf, runcount, 1, f);
 
15
+
 
16
+          /* prevent buffer overflow for bogus data */
 
17
+          runcount = MIN (runcount, endq - q);
 
18
+
 
19
           if (bytespp == 1)
 
20
             {
 
21
               memmove (q, buf, runcount);