diff options
Diffstat (limited to 'media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch')
-rw-r--r-- | media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch deleted file mode 100644 index e4d3a9f96fb4..000000000000 --- a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-3236.patch +++ /dev/null @@ -1,39 +0,0 @@ -From ace45631595e8781a1420842582d67160097163c Mon Sep 17 00:00:00 2001 -From: Michael Natterer <mitch@gimp.org> -Date: Wed, 06 Jun 2012 19:21:10 +0000 -Subject: Bug 676804 - file handling DoS for fit file format - -Apply patch from joe@reactionis.co.uk which fixes a buffer overflow on -broken/malicious fits files. ---- -(limited to 'plug-ins/file-fits/fits-io.c') - -diff --git a/plug-ins/file-fits/fits-io.c b/plug-ins/file-fits/fits-io.c -index 03d9652..ed77318 100644 ---- a/plug-ins/file-fits/fits-io.c -+++ b/plug-ins/file-fits/fits-io.c -@@ -1054,10 +1054,18 @@ static FITS_HDU_LIST *fits_decode_header (FITS_RECORD_LIST *hdr, - hdulist->used.simple = (strncmp (hdr->data, "SIMPLE ", 8) == 0); - hdulist->used.xtension = (strncmp (hdr->data, "XTENSION", 8) == 0); - if (hdulist->used.xtension) -- { -- fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -- strcpy (hdulist->xtension, fdat->fstring); -- } -+ { -+ fdat = fits_decode_card (fits_search_card (hdr, "XTENSION"), typ_fstring); -+ if (fdat != NULL) -+ { -+ strcpy (hdulist->xtension, fdat->fstring); -+ } -+ else -+ { -+ strcpy (errmsg, "No valid XTENSION header found."); -+ goto err_return; -+ } -+ } - - FITS_DECODE_CARD (hdr, "NAXIS", fdat, typ_flong); - hdulist->naxis = fdat->flong; --- -cgit v0.9.0.2 |