upstream/oracle/userland-gate: components/gnome/libcroco/patches/CVE-2017-7961.patch@562e5fc8e2ae (annotated)

7959 562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	1	Security fix, which we should be able to drop once it's packaged in a tarball
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	2
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	3	From 9ad72875e9f08e4c519ef63d44cdbd94aa9504f7 Mon Sep 17 00:00:00 2001
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	4	From: Ignacio Casal Quinteiro <[email protected]>
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	5	Date: Sun, 16 Apr 2017 13:56:09 +0200
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	6	Subject: tknzr: support only max long rgb values
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	7
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	8	This fixes a possible out of bound when reading rgbs which
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	9	are longer than the support MAXLONG
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	10	---
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	11	src/cr-tknzr.c \| 10 ++++++++++
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	12	1 file changed, 10 insertions(+)
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	13
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	14	diff --git a/src/cr-tknzr.c b/src/cr-tknzr.c
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	15	index 1a7cfeb..1548c35 100644
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	16	--- a/src/cr-tknzr.c
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	17	+++ b/src/cr-tknzr.c
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	18	@@ -1279,6 +1279,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	19	status = cr_tknzr_parse_num (a_this, &num);
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	20	ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	21
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	22	+ if (num->val > G_MAXLONG) {
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	23	+ status = CR_PARSING_ERROR;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	24	+ goto error;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	25	+ }
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	26	+
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	27	red = num->val;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	28	cr_num_destroy (num);
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	29	num = NULL;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	30	@@ -1298,6 +1303,11 @@ cr_tknzr_parse_rgb (CRTknzr * a_this, CRRgb ** a_rgb)
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	31	status = cr_tknzr_parse_num (a_this, &num);
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	32	ENSURE_PARSING_COND ((status == CR_OK) && (num != NULL));
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	33
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	34	+ if (num->val > G_MAXLONG) {
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	35	+ status = CR_PARSING_ERROR;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	36	+ goto error;
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	37	+ }
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	38	+
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	39	PEEK_BYTE (a_this, 1, &next_bytes[0]);
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	40	if (next_bytes[0] == '%') {
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	41	SKIP_CHARS (a_this, 1);
562e5fc8e2ae 25977273 update libcroco to 0.6.10 Niveditha Rau <Niveditha.Rau@Oracle.COM> parents: diff changeset	42	--

author	Niveditha Rau <Niveditha.Rau@Oracle.COM>
	Mon, 01 May 2017 16:02:10 -0700
changeset 7959	562e5fc8e2ae
permissions	-rw-r--r--