From 0892524a3bd4abe6b481e3d8ccbb9df06eaa0aca Mon Sep 17 00:00:00 2001 From: Markus Brueffer Date: Mon, 23 Oct 2006 11:14:54 +0000 Subject: - Fix an integer overflow vulnerability in Qt and kdelibs - Bump PORTREVISIONs Approved by: portmgr (erwin) Security: CVE-2006-4811 Security: https://rhn.redhat.com/errata/RHSA-2006-0720.html --- x11/kdelibs3/files/patch-CVE-2006-4811 | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 x11/kdelibs3/files/patch-CVE-2006-4811 (limited to 'x11/kdelibs3/files/patch-CVE-2006-4811') diff --git a/x11/kdelibs3/files/patch-CVE-2006-4811 b/x11/kdelibs3/files/patch-CVE-2006-4811 new file mode 100644 index 000000000000..8a9c8dfebb57 --- /dev/null +++ b/x11/kdelibs3/files/patch-CVE-2006-4811 @@ -0,0 +1,14 @@ +Index: khtml/rendering/render_image.cpp +=================================================================== +--- khtml/rendering/render_image.cpp (revision 594232) ++++ khtml/rendering/render_image.cpp (working copy) +@@ -294,7 +294,8 @@ void RenderImage::paint(PaintInfo& paint + if ( (cWidth != intrinsicWidth() || cHeight != intrinsicHeight()) && + pix.width() > 0 && pix.height() > 0 && i->valid_rect().isValid()) + { +- if (resizeCache.isNull() && cWidth && cHeight && intrinsicWidth() && intrinsicHeight()) ++ if (resizeCache.isNull() && cWidth > 0 && cHeight > 0 && intrinsicWidth() && intrinsicHeight() ++ && cWidth < 4096 && cHeight < 4096) + { + QRect scaledrect(i->valid_rect()); + // kdDebug(6040) << "time elapsed: " << dt->elapsed() << endl; -- cgit v1.2.3