summaryrefslogtreecommitdiff
path: root/graphics/imlib2
diff options
context:
space:
mode:
authorStanislav Sedov <stas@FreeBSD.org>2008-11-24 17:50:04 +0000
committerStanislav Sedov <stas@FreeBSD.org>2008-11-24 17:50:04 +0000
commit95c96662d04052521d4e43f8ddfaa49126cf4941 (patch)
tree936a22c640a7252ccb1f0a3812e1152c5eeda2a2 /graphics/imlib2
parent- Document a buffer overflow vulnerability in imlib2. (diff)
- Fix a buffer overflow vulnerability in imlib2.
PR: ports/129037 Submitted by: Eygene Ryabinkin <rea-fbsd@codelabs.ru> Security: http://www.vuxml.org/freebsd/910486d5-ba4d-11dd-8f23-0019666436c2.html
Notes
Notes: svn path=/head/; revision=223336
Diffstat (limited to 'graphics/imlib2')
-rw-r--r--graphics/imlib2/Makefile2
-rw-r--r--graphics/imlib2/files/patch-CVE-2008-518714
2 files changed, 15 insertions, 1 deletions
diff --git a/graphics/imlib2/Makefile b/graphics/imlib2/Makefile
index 281657cbb67a..6baa57c37ee2 100644
--- a/graphics/imlib2/Makefile
+++ b/graphics/imlib2/Makefile
@@ -7,7 +7,7 @@
PORTNAME= imlib2
PORTVERSION= 1.4.1.000
-PORTREVISION= 0
+PORTREVISION= 1
PORTEPOCH= 2
CATEGORIES= graphics
MASTER_SITES= ftp://ftp.springdaemons.com/pub/snapshots/e17/ \
diff --git a/graphics/imlib2/files/patch-CVE-2008-5187 b/graphics/imlib2/files/patch-CVE-2008-5187
new file mode 100644
index 000000000000..52238dcaf155
--- /dev/null
+++ b/graphics/imlib2/files/patch-CVE-2008-5187
@@ -0,0 +1,14 @@
+Obtained from: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=505714#15
+
+--- src/modules/loaders/loader_xpm.c
++++ src/modules/loaders/loader_xpm.c
+@@ -246,8 +246,8 @@
+ return 0;
+ }
+ ptr = im->data;
+- end = ptr + (sizeof(DATA32) * w * h);
+ pixels = w * h;
++ end = ptr + pixels;
+ }
+ else
+ {
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-10 18:51:35 +0000