packages/gdk-pixbuf2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2021-44648

Browse Source
This commit is contained in:
zhangpan 2023-06-20 11:30:21 +00:00
parent c583d65907
commit 87eaf1e727
3 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

40
backport-CVE-2021-44648.patch Normal file
View File

@ -0,0 +1,40 @@
From 19ebba03117aefc9d0312f675f3a210ffdcc4907 Mon Sep 17 00:00:00 2001
From: Robert Ancell <Robert Ancell @robert.ancell>
Date: Tue, 24 May 2022 14:36:15 +0800
Subject: [PATCH] Fix overflow when reading GIF images with invalid LZW initial code size.
Conflict:NA
Reference:https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/130/diffs?commit_id=19ebba03117aefc9d0312f675f3a210ffdcc4907
---
gdk-pixbuf/io-gif.c | 2 +-
gdk-pixbuf/lzw.c | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/gdk-pixbuf/io-gif.c b/gdk-pixbuf/io-gif.c
index 1befba1..3d2a7a9 100644
--- a/gdk-pixbuf/io-gif.c
+++ b/gdk-pixbuf/io-gif.c
@@ -500,7 +500,7 @@ gif_prepare_lzw (GifContext *context)
return -1;
}
- if (context->lzw_set_code_size > 12) {
+ if (context->lzw_set_code_size >= 12) {
g_set_error_literal (context->error,
GDK_PIXBUF_ERROR,
GDK_PIXBUF_ERROR_CORRUPT_IMAGE,
diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c
index 105daf2..f3fae17 100644
--- a/gdk-pixbuf/lzw.c
+++ b/gdk-pixbuf/lzw.c
@@ -121,6 +121,8 @@ lzw_decoder_new (guint8 code_size)
LZWDecoder *self;
int i;
+ g_return_val_if_fail (code_size <= LZW_CODE_MAX, NULL);
+
self = g_object_new (lzw_decoder_get_type (), NULL);
self->min_code_size = code_size;
--
2.27.0

8
gdk-pixbuf2.spec
View File

@ -1,15 +1,17 @@
Name: gdk-pixbuf2 Name: gdk-pixbuf2
Version: 2.40.0 Version: 2.40.0
Release: 4 Release: 5
Summary: gdk is a multi-platform toolkit for creating graphical user interfaces. Summary: gdk is a multi-platform toolkit for creating graphical user interfaces.
License: LGPLv2+ License: LGPLv2+
URL: http://www.gtk.org URL: http://www.gtk.org
Source0: http://download.gnome.org/sources/gdk-pixbuf/2.40/gdk-pixbuf-%{version}.tar.xz Source0: http://download.gnome.org/sources/gdk-pixbuf/2.40/gdk-pixbuf-%{version}.tar.xz
Source1: invalid-colors.gif
Patch0001: backport-CVE-2021-20240.patch Patch0001: backport-CVE-2021-20240.patch
Patch0002: backport-CVE-2020-29385.patch Patch0002: backport-CVE-2020-29385.patch
Patch0003: backport-CVE-2021-46829.patch Patch0003: backport-CVE-2021-46829.patch
Patch0004: backport-CVE-2021-44648.patch
BuildRequires: gettext gtk-doc pkgconfig(gio-2.0) >= 2.48.0 libpng-devel libjpeg-devel libtiff-devel shared-mime-info BuildRequires: gettext gtk-doc pkgconfig(gio-2.0) >= 2.48.0 libpng-devel libjpeg-devel libtiff-devel shared-mime-info
BuildRequires: meson pkgconfig(x11) pkgconfig(gobject-introspection-1.0) >= 0.9.3 gobject-introspection-devel libxslt gdb BuildRequires: meson pkgconfig(x11) pkgconfig(gobject-introspection-1.0) >= 0.9.3 gobject-introspection-devel libxslt gdb
@ -46,6 +48,7 @@ developing applications that uses gdk-pixbuf2 xlib and test.
%prep %prep
%autosetup -n gdk-pixbuf-%{version} -p1 %autosetup -n gdk-pixbuf-%{version} -p1
cp %{SOURCE1} ./tests/test-images/gif-test-suite/invalid-colors.gif
%build %build
%meson -Dbuiltin_loaders=png -Ddocs=true %meson -Dbuiltin_loaders=png -Ddocs=true
@ -102,6 +105,9 @@ gdk-pixbuf-query-loaders-%{__isa_bits} --update-cache
%{_mandir}/man1/gdk-pixbuf-csource.1* %{_mandir}/man1/gdk-pixbuf-csource.1*
%changelog %changelog
* Tue Jun 20 2023 zhangpan <zhangpan103@h-partners.com> - 2.40.0-5
- fix CVE-2021-44648
* Fri Mar 17 2023 zhangpan <zhangpan103@h-partners.com> - 2.40.0-4 * Fri Mar 17 2023 zhangpan <zhangpan103@h-partners.com> - 2.40.0-4
- enable test - enable test

BIN
invalid-colors.gif Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 35 B