[gentoo-commits] gentoo-x86 commit in media-libs/imlib/files: imlib-1.9.15-bpp16-CVE-2007-3568.patch digest-imlib-1.9.15-r2 imlib-1.9.15-fix-rendering.patch

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] gentoo-x86 commit in media-libs/imlib/files: imlib-1.9.15-bpp16-CVE-2007-3568.patch digest-imlib-1.9.15-r2 imlib-1.9.15-fix-rendering.patch
@ 2007-12-10 20:14 Peter Volkov (pva)
  0 siblings, 0 replies; only message in thread
From: Peter Volkov (pva) @ 2007-12-10 20:14 UTC (permalink / raw
  To: gentoo-commits

pva         07/12/10 20:14:29

  Added:                imlib-1.9.15-bpp16-CVE-2007-3568.patch
                        digest-imlib-1.9.15-r2
                        imlib-1.9.15-fix-rendering.patch
  Log:
  Fixed denial of service (infinite loop) via a BMP image, bug #201887.
  Fixed bug which prevented imlib to render images is MIT-SHM when the MIT-SHM extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for report Antti Mäkelä <zarhan AT cs.tut.fi>.
  Homepage changed. No website is available for this old library, so pointing to sources location.
  (Portage version: 2.1.3.19)

Revision  Changes    Path
1.1                  media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch?rev=1.1&content-type=text/plain

Index: imlib-1.9.15-bpp16-CVE-2007-3568.patch
===================================================================
--- Imlib/load.c.orig	2007-08-13 23:06:20.000000000 -0300
+++ Imlib/load.c	2007-08-13 23:06:51.000000000 -0300
@@ -645,7 +645,7 @@
   planes = (int)word;
   fread(&word, 2, 1, file);
   bpp = (int)word;
-  if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32)
+  if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
     {
       fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n");
       return NULL;



1.1                  media-libs/imlib/files/digest-imlib-1.9.15-r2

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/digest-imlib-1.9.15-r2?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/digest-imlib-1.9.15-r2?rev=1.1&content-type=text/plain

Index: digest-imlib-1.9.15-r2
===================================================================
MD5 7db987e6c52e4daf70d7d0f471238eae imlib-1.9.15.tar.bz2 683242
RMD160 195b80833167134ba2d9a9574d420279f9cf55f4 imlib-1.9.15.tar.bz2 683242
SHA256 4e6a270308a9ae16586bfc133c1a3dfb2e56f431edb66aaa3a80e36e5ed84ce0 imlib-1.9.15.tar.bz2 683242



1.1                  media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch?rev=1.1&content-type=text/plain

Index: imlib-1.9.15-fix-rendering.patch
===================================================================
Michel Dänzer <daenzer AT debian.org>

* The boolean value returned via the last parameter to XShmQueryVersion()
  isn't honoured everywhere.
* The init functions that take parameters allow the caller to enable shared
  pixmaps when they aren't supported (or disabled by configuration files).


These result in incorrect rendering when the MIT-SHM extension doesn't support
shared pixmaps, e.g. using EXA with current versions of Xorg.

http://bugs.gentoo.org/show_bug.cgi?id=197489

diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c
--- imlib-1.9.15.orig/gdk_imlib/misc.c	2002-03-04 18:06:32.000000000 +0100
+++ imlib-1.9.15/gdk_imlib/misc.c	2007-10-28 14:00:04.000000000 +0100
@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams
   visual = gdk_rgb_get_visual();
   id->x.visual = GDK_VISUAL_XVISUAL(visual);	/* the visual type */
   id->x.depth = visual->depth;	/* the depth of the screen in bpp */
+
+  id->x.shm = 0;
+  id->x.shmp = 0;
+  id->max_shm = 0;
 #ifdef HAVE_SHM
   if (XShmQueryExtension(id->x.disp))
     {
@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams
 	      id->x.last_xim = NULL;
 	      id->x.last_sxim = NULL;
 	      id->max_shm = 0x7fffffff;
-	      if (XShmPixmapFormat(id->x.disp) == ZPixmap)
+	      if ((XShmPixmapFormat(id->x.disp) == ZPixmap) &&
+		  (pm == True))
 		id->x.shmp = 1;
 	    }
 	}
     }
-  else
 #endif
-    {
-      id->x.shm = 0;
-      id->x.shmp = 0;
-    }
+
   id->cache.on_image = 0;
   id->cache.size_image = 0;
   id->cache.num_image = 0;
@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams
 	}
       if (p->flags & PARAMS_SHAREDPIXMAPS)
 	{
-	  if (id->x.shm)
-	    id->x.shmp = p->sharedpixmaps;
+	  if (!p->sharedpixmaps)
+	    id->x.shmp = 0;
 	}
       if (p->flags & PARAMS_PALETTEOVERRIDE)
 	override = p->paletteoverride;
diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c
--- imlib-1.9.15.orig/Imlib/misc.c	2004-09-21 02:22:59.000000000 +0200
+++ imlib-1.9.15/Imlib/misc.c	2007-10-28 14:00:23.000000000 +0100
@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I
   id->x.root = DefaultRootWindow(disp);		/* the root window id */
   id->x.visual = DefaultVisual(disp, id->x.screen);	/* the visual type */
   id->x.depth = DefaultDepth(disp, id->x.screen);	/* the depth of the screen in bpp */
+
+  id->x.shm = 0;
+  id->x.shmp = 0;
+  id->max_shm = 0;
 #ifdef HAVE_SHM
   if (XShmQueryExtension(id->x.disp))
     {
@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I
 	      id->x.last_xim = NULL;
 	      id->x.last_sxim = NULL;
 	      id->max_shm = 0x7fffffff;
-	      if (XShmPixmapFormat(id->x.disp) == ZPixmap)
+	      if ((XShmPixmapFormat(id->x.disp) == ZPixmap &&
+		   (pm == True)))
 		id->x.shmp = 1;
 	    }
 	}
     }
-  else
 #endif
-    {
-      id->x.shm = 0;
-      id->x.shmp = 0;
-    }
+
   id->cache.on_image = 0;
   id->cache.size_image = 0;
   id->cache.num_image = 0;
@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I
 	}
       if (p->flags & PARAMS_SHAREDPIXMAPS)
 	{
-	  if (id->x.shm)
-	    id->x.shmp = p->sharedpixmaps;
+	  if (!p->sharedpixmaps)
+	    id->x.shmp = 0;
 	}
       if (p->flags & PARAMS_PALETTEOVERRIDE)
 	override = p->paletteoverride;



-- 
gentoo-commits@gentoo.org mailing list



^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2007-12-10 20:14 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-12-10 20:14 [gentoo-commits] gentoo-x86 commit in media-libs/imlib/files: imlib-1.9.15-bpp16-CVE-2007-3568.patch digest-imlib-1.9.15-r2 imlib-1.9.15-fix-rendering.patch Peter Volkov (pva)

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox