diff options
author | Remi Collet <fedora@famillecollet.com> | 2014-08-29 16:52:48 +0200 |
---|---|---|
committer | Remi Collet <fedora@famillecollet.com> | 2014-08-29 16:52:48 +0200 |
commit | d609954ccc5727a53cf3dbc68abb599e072af776 (patch) | |
tree | b9e083cd2728ed61fb1d68ba59a613c221a83045 | |
parent | 509093c9983c5ed446119ea41905c169437cd29a (diff) |
gd: add gd-CVE-2014-2497.patch
-rw-r--r-- | gd-CVE-2014-2497.patch | 33 |
1 files changed, 33 insertions, 0 deletions
diff --git a/gd-CVE-2014-2497.patch b/gd-CVE-2014-2497.patch new file mode 100644 index 0000000..6a94c48 --- /dev/null +++ b/gd-CVE-2014-2497.patch @@ -0,0 +1,33 @@ +From 463c3bd09bfe8e924e19acad7a2a6af16953a704 Mon Sep 17 00:00:00 2001 +From: Remi Collet <fedora@famillecollet.com> +Date: Mon, 4 Aug 2014 10:31:25 +0200 +Subject: [PATCH] CVE-2014-2497, NULL pointer dereference, fix #126 + +--- + src/gdxpm.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/src/gdxpm.c b/src/gdxpm.c +index ae6e336..15603a6 100644 +--- a/src/gdxpm.c ++++ b/src/gdxpm.c +@@ -49,6 +49,16 @@ BGD_DECLARE(gdImagePtr) gdImageCreateFromXpm(char *filename) + if(overflow2(sizeof(int), number)) { + goto done; + } ++ for(i = 0; i < number; i++) { ++ /* ++ avoid NULL pointer dereference ++ TODO better fix need to manage monochrome/monovisual ++ see m_color or g4_color or g_color ++ */ ++ if (!image.colorTable[i].c_color) { ++ goto done; ++ } ++ } + + colors = (int *)gdMalloc(sizeof(int) * number); + if(colors == NULL) { +-- +1.8.5.2 + |