Fix CVE-2016-5684 (#1381517)
This commit is contained in:
parent
91896c5baa
commit
11c1e1f46b
|
@ -0,0 +1,24 @@
|
|||
diff -rupN FreeImage/Source/FreeImage/PluginXPM.cpp FreeImage-new/Source/FreeImage/PluginXPM.cpp
|
||||
--- FreeImage/Source/FreeImage/PluginXPM.cpp 2015-03-02 02:07:08.000000000 +0100
|
||||
+++ FreeImage-new/Source/FreeImage/PluginXPM.cpp 2016-10-04 16:40:11.975271194 +0200
|
||||
@@ -181,6 +181,11 @@ Load(FreeImageIO *io, fi_handle handle,
|
||||
}
|
||||
free(str);
|
||||
|
||||
+ // check info string
|
||||
+ if((width <= 0) || (height <= 0) || (colors <= 0) || (cpp <= 0)) {
|
||||
+ throw "Improperly formed info string";
|
||||
+ }
|
||||
+
|
||||
if (colors > 256) {
|
||||
dib = FreeImage_AllocateHeader(header_only, width, height, 24, FI_RGBA_RED_MASK, FI_RGBA_GREEN_MASK, FI_RGBA_BLUE_MASK);
|
||||
} else {
|
||||
@@ -193,7 +198,7 @@ Load(FreeImageIO *io, fi_handle handle,
|
||||
FILE_RGBA rgba;
|
||||
|
||||
str = ReadString(io, handle);
|
||||
- if(!str)
|
||||
+ if(!str || (strlen(str) < (size_t)cpp))
|
||||
throw "Error reading color strings";
|
||||
|
||||
std::string chrs(str,cpp); //create a string for the color chars using the first cpp chars
|
|
@ -3,7 +3,7 @@
|
|||
|
||||
Name: freeimage
|
||||
Version: 3.17.0
|
||||
Release: 6%{?dist}
|
||||
Release: 7%{?dist}
|
||||
Summary: Multi-format image decoder library
|
||||
|
||||
# freeimage is tripple-licensed, see
|
||||
|
@ -18,6 +18,8 @@ Patch0: FreeImage-3.17.0_unbundle.patch
|
|||
Patch1: FreeImage-3.17.0_doxygen.patch
|
||||
# Fix CVE-2015-0852 (#1257859)
|
||||
Patch2: FreeImage-3.17.0_CVE-2015-0852.patch
|
||||
# Fix CVE-2016-5684 (#1381517)
|
||||
Patch3: FreeImage-3.17.0_CVE-2016-5684.patch
|
||||
|
||||
BuildRequires: doxygen
|
||||
BuildRequires: jxrlib-devel
|
||||
|
@ -67,6 +69,7 @@ developing applications that use %{name}-plus.
|
|||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
|
||||
# remove all included libs to make sure these don't get used during compile
|
||||
rm -r Source/Lib* Source/ZLib Source/OpenEXR
|
||||
|
@ -88,11 +91,11 @@ done
|
|||
sh ./gensrclist.sh
|
||||
sh ./genfipsrclist.sh
|
||||
%ifarch %{power64} %{mips32}
|
||||
make -f Makefile.gnu %{?_smp_mflags} CFLAGS="%{optflags} -fPIC" CXXFLAGS="%{optflags} -fPIC" LDFLAGS="%{__global_ldflags}"
|
||||
make -f Makefile.fip %{?_smp_mflags} CFLAGS="%{optflags} -fPIC" CXXFLAGS="%{optflags} -fPIC" LDFLAGS="%{__global_ldflags}"
|
||||
%make_build -f Makefile.gnu CFLAGS="%{optflags} -fPIC" CXXFLAGS="%{optflags} -fPIC" LDFLAGS="%{__global_ldflags}"
|
||||
%make_build -f Makefile.fip CFLAGS="%{optflags} -fPIC" CXXFLAGS="%{optflags} -fPIC" LDFLAGS="%{__global_ldflags}"
|
||||
%else
|
||||
make -f Makefile.gnu %{?_smp_mflags} CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LDFLAGS="%{__global_ldflags}"
|
||||
make -f Makefile.fip %{?_smp_mflags} CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LDFLAGS="%{__global_ldflags}"
|
||||
%make_build -f Makefile.gnu CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LDFLAGS="%{__global_ldflags}"
|
||||
%make_build -f Makefile.fip CFLAGS="%{optflags}" CXXFLAGS="%{optflags}" LDFLAGS="%{__global_ldflags}"
|
||||
%endif
|
||||
|
||||
pushd Wrapper/FreeImagePlus/doc
|
||||
|
@ -146,6 +149,9 @@ ldconfig -n %{buildroot}%{_libdir}
|
|||
|
||||
|
||||
%changelog
|
||||
* Tue Oct 04 2016 Sandro Mani <manisandro@gmail.com> - 3.17.0-7
|
||||
- Fix CVE-2016-5684 (rhbz#1381517)
|
||||
|
||||
* Fri Aug 12 2016 Michal Toman <mtoman@fedoraproject.org> - 3.17.0-6
|
||||
- -fPIC on 32-bit MIPS
|
||||
|
||||
|
|
Loading…
Reference in New Issue