summaryrefslogtreecommitdiff
path: root/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch
diff options
context:
space:
mode:
Diffstat (limited to 'media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch')
-rw-r--r--media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch32
1 files changed, 0 insertions, 32 deletions
diff --git a/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch b/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch
deleted file mode 100644
index c7df330409f8..000000000000
--- a/media-gfx/gimp/files/gimp-2.8.22-cve-2017-17784.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From c57f9dcf1934a9ab0cd67650f2dea18cb0902270 Mon Sep 17 00:00:00 2001
-From: Jehan <jehan@girinstud.io>
-Date: Thu, 21 Dec 2017 12:25:32 +0100
-Subject: Bug 790784 - (CVE-2017-17784) heap overread in gbr parser /
- load_image.
-
-We were assuming the input name was well formed, hence was
-nul-terminated. As any data coming from external input, this has to be
-thorougly checked.
-Similar to commit 06d24a79af94837d615d0024916bb95a01bf3c59 but adapted
-to older gimp-2-8 code.
----
- plug-ins/common/file-gbr.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/plug-ins/common/file-gbr.c b/plug-ins/common/file-gbr.c
-index b028100..d3f01d9 100644
---- a/plug-ins/common/file-gbr.c
-+++ b/plug-ins/common/file-gbr.c
-@@ -443,7 +443,8 @@ load_image (const gchar *filename,
- {
- gchar *temp = g_new (gchar, bn_size);
-
-- if ((read (fd, temp, bn_size)) < bn_size)
-+ if ((read (fd, temp, bn_size)) < bn_size ||
-+ temp[bn_size - 1] != '\0')
- {
- g_set_error (error, G_FILE_ERROR, G_FILE_ERROR_FAILED,
- _("Error in GIMP brush file '%s'"),
---
-cgit v0.12
-
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-25 05:02:52 +0000