gentoo resync : 03.11.2019

author: V3n3RiX <venerix@redcorelinux.org> 2019-11-03 16:06:58 +0000
committer: V3n3RiX <venerix@redcorelinux.org> 2019-11-03 16:06:58 +0000
commit: bd4aeefe33e63f613512604e47bfca7b2187697d (patch)
tree: adb35b5a9a00ee7ea591ab0c987f70167c23b597 /media-libs/libextractor/files
parent: 48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff)
1 files changed, 15 insertions, 0 deletions
diff --git a/media-libs/libextractor/files/libextractor-1.9-CVE-2019-15531.patch b/media-libs/libextractor/files/libextractor-1.9-CVE-2019-15531.patch
new file mode 100644
index 000000000000..11344d3946af
--- /dev/null
+++ b/media-libs/libextractor/files/libextractor-1.9-CVE-2019-15531.patch
@@ -0,0 +1,15 @@
+Description: fix heap-based buffer over-read.
+Origin: upstream, commit: d2b032452241708bee68d02aa02092cfbfba951a
+Author: Christian Grothoff <christian@grothoff.org>
+
+--- a/src/plugins/dvi_extractor.c
++++ b/src/plugins/dvi_extractor.c
+@@ -182,6 +182,8 @@
+   size = ec->get_size (ec->cls);
+   if (size > 16 * 1024 * 1024)
+     return; /* too large */
++  if (klen + 15 > size)
++    return; /* malformed klen */
+   if (NULL == (data = malloc ((size_t) size)))
+     return; /* out of memory */
+   memcpy (data, buf, iret);
author	V3n3RiX <venerix@redcorelinux.org>	2019-11-03 16:06:58 +0000
committer	V3n3RiX <venerix@redcorelinux.org>	2019-11-03 16:06:58 +0000
commit	bd4aeefe33e63f613512604e47bfca7b2187697d (patch)
tree	adb35b5a9a00ee7ea591ab0c987f70167c23b597 /media-libs/libextractor/files
parent	48ece6662cbd443015f5a57ae6d8cbdbd69ef37c (diff)