stb_image: fix GHSL-2023-145 / fix CVE-2023-45661

This commit is contained in:
Benjamin A. Beasley 2023-10-25 11:03:12 -04:00
parent 0af9698be6
commit 82547bda5e
2 changed files with 33 additions and 0 deletions

24
1539.patch Normal file
View File

@ -0,0 +1,24 @@
From 8cfcbf7dde7705c849f4f7a5acb26f79b895fffe Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jaroslav=20Loba=C4=8Devski?= <jarlob@github.com>
Date: Thu, 19 Oct 2023 15:57:03 +0200
Subject: [PATCH] Fix wild address read in stbi__gif_load_next
It seems `layers` were forgotten to include in equation.
Fixes #1538
---
stb_image.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/stb_image.h b/stb_image.h
index 5e807a0a6..cd09ab697 100644
--- a/stb_image.h
+++ b/stb_image.h
@@ -7019,7 +7019,7 @@ static void *stbi__load_gif_main(stbi__context *s, int **delays, int *x, int *y,
}
memcpy( out + ((layers - 1) * stride), u, stride );
if (layers >= 2) {
- two_back = out - 2 * stride;
+ two_back = out + (layers - 2) * stride;
}
if (delays) {

View File

@ -110,6 +110,15 @@ Patch: %{url}/pull/1532.patch
# https://github.com/nothings/stb/pull/1533
Patch: %{url}/pull/1534.patch
# Fix wild address read in stbi__gif_load_next
# https://github.com/nothings/stb/pull/1539
#
# Fixes:
#
# Wild address read in stbi__gif_load_next (GHSL-2023-145/CVE-2023-45661)
# https://github.com/nothings/stb/issues/1538
Patch: %{url}/pull/1539.patch
%global stb_c_lexer_version 0.12
%global stb_connected_components_version 0.96
%global stb_divide_version 0.94