diff options
| author | Dirk Meyer <dinoex@FreeBSD.org> | 2013-04-17 21:25:47 +0000 |
|---|---|---|
| committer | Dirk Meyer <dinoex@FreeBSD.org> | 2013-04-17 21:25:47 +0000 |
| commit | 9ad3263e802afd53731df2dce73199621e62ecde (patch) | |
| tree | 6ae1451fe5b1dcbd9d73dfa71232906735920136 /graphics/jasper/files/patch-jas_malloc.h | |
| parent | - Update to 2.2 (diff) | |
graphics/jasper
- Security fixes
Multiple integer overflows
Buffer overflow in the jas_stream_printf
execute arbitrary code on decodes images
Security: CVE-2008-3520
Security: CVE-2008-3522
Security: CVE-2011-4516
Security: CVE-2011-4517
PR: 163718
Obtained from: Fedora
Feature safe: yes
Notes
Notes:
svn path=/head/; revision=316008
Diffstat (limited to 'graphics/jasper/files/patch-jas_malloc.h')
| -rw-r--r-- | graphics/jasper/files/patch-jas_malloc.h | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/graphics/jasper/files/patch-jas_malloc.h b/graphics/jasper/files/patch-jas_malloc.h new file mode 100644 index 000000000000..8cb3c6a4ad79 --- /dev/null +++ b/graphics/jasper/files/patch-jas_malloc.h @@ -0,0 +1,26 @@ +--- src/libjasper/include/jasper/jas_malloc.h.orig 2007-01-19 22:43:04.000000000 +0100 ++++ src/libjasper/include/jasper/jas_malloc.h 2013-04-17 22:16:16.000000000 +0200 +@@ -95,6 +95,9 @@ + #define jas_free MEMFREE + #define jas_realloc MEMREALLOC + #define jas_calloc MEMCALLOC ++#define jas_malloc2(a, b) MEMALLOC((a)*(b)) ++#define jas_malloc3(a, b, c) MEMALLOC((a)*(b)*(c)) ++#define jas_realloc2(p, a, b) MEMREALLOC((p), (a)*(b)) + #endif + + /******************************************************************************\ +@@ -115,6 +118,13 @@ + /* Allocate a block of memory and initialize the contents to zero. */ + void *jas_calloc(size_t nmemb, size_t size); + ++/* size-checked double allocation .*/ ++void *jas_malloc2(size_t, size_t); ++ ++void *jas_malloc3(size_t, size_t, size_t); ++ ++void *jas_realloc2(void *, size_t, size_t); ++ + #endif + + #ifdef __cplusplus |