Mageia Bugzilla – Attachment 7448 Details for
Bug 17731
eom, gnome-photos, eog, gambas3, thunar, pinpoint, gtk+2.0 new integer overflow security issue (CVE-2013-7447)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
Log In
[x]
|
New Account
|
Forgot Password
[patch]
gtk+2-2.24.9-avoid_integer_overflow.patch
gtk2-2.24.29-avoid_integer_overflow.patch (text/plain), 1.03 KB, created by
Atilla ÖNTAŞ
on 2016-02-11 13:49:08 CET
(
hide
)
Description:
gtk+2-2.24.9-avoid_integer_overflow.patch
Filename:
MIME Type:
Creator:
Atilla ÖNTAŞ
Created:
2016-02-11 13:49:08 CET
Size:
1.03 KB
patch
obsolete
>From 894b1ae76a32720f4bb3d39cf460402e3ce331d6 Mon Sep 17 00:00:00 2001 >From: Matthias Clasen <mclasen@redhat.com> >Date: Sat, 29 Jun 2013 22:06:54 -0400 >Subject: Avoid integer overflow > >Use g_malloc_n in gdk_cairo_set_source_pixbuf when allocating >a large block of memory, to avoid integer overflow. > >Pointed out by Bert Massop in >https://bugzilla.gnome.org/show_bug.cgi?id=703220 > >Index: gtk+2.0-2.24.29/gdk/gdkcairo.c >=================================================================== >--- gtk+2.0-2.24.29.orig/gdk/gdkcairo.c >++ gtk+2.0-2.24.29/gdk/gdkcairo.c >+@@ -211,7 +211,7 @@ gdk_cairo_set_source_pixbuf (cairo_t >+ format = CAIRO_FORMAT_ARGB32; >+ >+ cairo_stride = cairo_format_stride_for_width (format, width); >- cairo_pixels = g_malloc (height * cairo_stride); >+ cairo_pixels = g_malloc_n (height, cairo_stride); >+ surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels, >+ format, >+ width, height, cairo_stride);
From 894b1ae76a32720f4bb3d39cf460402e3ce331d6 Mon Sep 17 00:00:00 2001 From: Matthias Clasen <mclasen@redhat.com> Date: Sat, 29 Jun 2013 22:06:54 -0400 Subject: Avoid integer overflow Use g_malloc_n in gdk_cairo_set_source_pixbuf when allocating a large block of memory, to avoid integer overflow. Pointed out by Bert Massop in https://bugzilla.gnome.org/show_bug.cgi?id=703220 Index: gtk+2.0-2.24.29/gdk/gdkcairo.c =================================================================== --- gtk+2.0-2.24.29.orig/gdk/gdkcairo.c ++ gtk+2.0-2.24.29/gdk/gdkcairo.c +@@ -211,7 +211,7 @@ gdk_cairo_set_source_pixbuf (cairo_t + format = CAIRO_FORMAT_ARGB32; + + cairo_stride = cairo_format_stride_for_width (format, width); - cairo_pixels = g_malloc (height * cairo_stride); + cairo_pixels = g_malloc_n (height, cairo_stride); + surface = cairo_image_surface_create_for_data ((unsigned char *)cairo_pixels, + format, + width, height, cairo_stride);
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 17731
: 7448