* [gentoo-commits] gentoo-x86 commit in media-libs/imlib/files: imlib-1.9.15-bpp16-CVE-2007-3568.patch digest-imlib-1.9.15-r2 imlib-1.9.15-fix-rendering.patch
@ 2007-12-10 20:14 Peter Volkov (pva)
0 siblings, 0 replies; only message in thread
From: Peter Volkov (pva) @ 2007-12-10 20:14 UTC (permalink / raw
To: gentoo-commits
pva 07/12/10 20:14:29
Added: imlib-1.9.15-bpp16-CVE-2007-3568.patch
digest-imlib-1.9.15-r2
imlib-1.9.15-fix-rendering.patch
Log:
Fixed denial of service (infinite loop) via a BMP image, bug #201887.
Fixed bug which prevented imlib to render images is MIT-SHM when the MIT-SHM extension doesn't support shared pixmaps (bugs.debian.org/448360). Thank for report Antti Mäkelä <zarhan AT cs.tut.fi>.
Homepage changed. No website is available for this old library, so pointing to sources location.
(Portage version: 2.1.3.19)
Revision Changes Path
1.1 media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-bpp16-CVE-2007-3568.patch?rev=1.1&content-type=text/plain
Index: imlib-1.9.15-bpp16-CVE-2007-3568.patch
===================================================================
--- Imlib/load.c.orig 2007-08-13 23:06:20.000000000 -0300
+++ Imlib/load.c 2007-08-13 23:06:51.000000000 -0300
@@ -645,7 +645,7 @@
planes = (int)word;
fread(&word, 2, 1, file);
bpp = (int)word;
- if (bpp != 1 && bpp != 4 && bpp != 8 && bpp && 16 && bpp != 24 && bpp != 32)
+ if (bpp != 1 && bpp != 4 && bpp != 8 && bpp != 16 && bpp != 24 && bpp != 32)
{
fprintf(stderr, "IMLIB ERROR: unknown bitdepth in file\n");
return NULL;
1.1 media-libs/imlib/files/digest-imlib-1.9.15-r2
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/digest-imlib-1.9.15-r2?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/digest-imlib-1.9.15-r2?rev=1.1&content-type=text/plain
Index: digest-imlib-1.9.15-r2
===================================================================
MD5 7db987e6c52e4daf70d7d0f471238eae imlib-1.9.15.tar.bz2 683242
RMD160 195b80833167134ba2d9a9574d420279f9cf55f4 imlib-1.9.15.tar.bz2 683242
SHA256 4e6a270308a9ae16586bfc133c1a3dfb2e56f431edb66aaa3a80e36e5ed84ce0 imlib-1.9.15.tar.bz2 683242
1.1 media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch
file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/media-libs/imlib/files/imlib-1.9.15-fix-rendering.patch?rev=1.1&content-type=text/plain
Index: imlib-1.9.15-fix-rendering.patch
===================================================================
Michel Dänzer <daenzer AT debian.org>
* The boolean value returned via the last parameter to XShmQueryVersion()
isn't honoured everywhere.
* The init functions that take parameters allow the caller to enable shared
pixmaps when they aren't supported (or disabled by configuration files).
These result in incorrect rendering when the MIT-SHM extension doesn't support
shared pixmaps, e.g. using EXA with current versions of Xorg.
http://bugs.gentoo.org/show_bug.cgi?id=197489
diff -up -ru imlib-1.9.15.orig/gdk_imlib/misc.c imlib-1.9.15/gdk_imlib/misc.c
--- imlib-1.9.15.orig/gdk_imlib/misc.c 2002-03-04 18:06:32.000000000 +0100
+++ imlib-1.9.15/gdk_imlib/misc.c 2007-10-28 14:00:04.000000000 +0100
@@ -674,6 +674,10 @@ gdk_imlib_init_params(GdkImlibInitParams
visual = gdk_rgb_get_visual();
id->x.visual = GDK_VISUAL_XVISUAL(visual); /* the visual type */
id->x.depth = visual->depth; /* the depth of the screen in bpp */
+
+ id->x.shm = 0;
+ id->x.shmp = 0;
+ id->max_shm = 0;
#ifdef HAVE_SHM
if (XShmQueryExtension(id->x.disp))
{
@@ -689,17 +693,14 @@ gdk_imlib_init_params(GdkImlibInitParams
id->x.last_xim = NULL;
id->x.last_sxim = NULL;
id->max_shm = 0x7fffffff;
- if (XShmPixmapFormat(id->x.disp) == ZPixmap)
+ if ((XShmPixmapFormat(id->x.disp) == ZPixmap) &&
+ (pm == True))
id->x.shmp = 1;
}
}
}
- else
#endif
- {
- id->x.shm = 0;
- id->x.shmp = 0;
- }
+
id->cache.on_image = 0;
id->cache.size_image = 0;
id->cache.num_image = 0;
@@ -935,8 +936,8 @@ gdk_imlib_init_params(GdkImlibInitParams
}
if (p->flags & PARAMS_SHAREDPIXMAPS)
{
- if (id->x.shm)
- id->x.shmp = p->sharedpixmaps;
+ if (!p->sharedpixmaps)
+ id->x.shmp = 0;
}
if (p->flags & PARAMS_PALETTEOVERRIDE)
override = p->paletteoverride;
diff -up -ru imlib-1.9.15.orig/Imlib/misc.c imlib-1.9.15/Imlib/misc.c
--- imlib-1.9.15.orig/Imlib/misc.c 2004-09-21 02:22:59.000000000 +0200
+++ imlib-1.9.15/Imlib/misc.c 2007-10-28 14:00:23.000000000 +0100
@@ -675,6 +675,10 @@ Imlib_init_with_params(Display * disp, I
id->x.root = DefaultRootWindow(disp); /* the root window id */
id->x.visual = DefaultVisual(disp, id->x.screen); /* the visual type */
id->x.depth = DefaultDepth(disp, id->x.screen); /* the depth of the screen in bpp */
+
+ id->x.shm = 0;
+ id->x.shmp = 0;
+ id->max_shm = 0;
#ifdef HAVE_SHM
if (XShmQueryExtension(id->x.disp))
{
@@ -690,17 +694,14 @@ Imlib_init_with_params(Display * disp, I
id->x.last_xim = NULL;
id->x.last_sxim = NULL;
id->max_shm = 0x7fffffff;
- if (XShmPixmapFormat(id->x.disp) == ZPixmap)
+ if ((XShmPixmapFormat(id->x.disp) == ZPixmap &&
+ (pm == True)))
id->x.shmp = 1;
}
}
}
- else
#endif
- {
- id->x.shm = 0;
- id->x.shmp = 0;
- }
+
id->cache.on_image = 0;
id->cache.size_image = 0;
id->cache.num_image = 0;
@@ -952,8 +953,8 @@ Imlib_init_with_params(Display * disp, I
}
if (p->flags & PARAMS_SHAREDPIXMAPS)
{
- if (id->x.shm)
- id->x.shmp = p->sharedpixmaps;
+ if (!p->sharedpixmaps)
+ id->x.shmp = 0;
}
if (p->flags & PARAMS_PALETTEOVERRIDE)
override = p->paletteoverride;
--
gentoo-commits@gentoo.org mailing list
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2007-12-10 20:14 UTC | newest]
Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-12-10 20:14 [gentoo-commits] gentoo-x86 commit in media-libs/imlib/files: imlib-1.9.15-bpp16-CVE-2007-3568.patch digest-imlib-1.9.15-r2 imlib-1.9.15-fix-rendering.patch Peter Volkov (pva)
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox