media-libs/ming: Rev bump to add patch for CVE-2017-8782 (bug #620318)

Package-Manager: Portage-2.3.5, Repoman-2.3.2

2 files changed, 30 insertions, 0 deletions

diff --git a/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch
new file mode 100644
index 000000000000..223d363ae0b0
--- /dev/null
+++ b/media-libs/ming/files/ming-0.4.8-CVE-2017-8782.patch
@@ -0,0 +1,28 @@
+https://github.com/libming/libming/commit/6eca133ee9985c298186cbe05f888082c30bf2d9
+
+--- a/util/read.c
++++ b/util/read.c
+@@ -247,6 +247,11 @@ char *readString(FILE *f)
+     if(len >= buflen-2)
+     {
+       buf = (char *)realloc(buf, sizeof(char)*(buflen+256));
++      if ( ! buf )
++      {
++        fprintf(stderr, "failed reallocating %d bytes\n", buflen+256);
++        exit(-1);
++      }
+       buflen += 256;
+       p = buf+len;
+     }
+@@ -350,6 +355,11 @@ char *readSizedString(FILE *f,int size)
+     if(len >= buflen-2)
+     {
+       buf = (char *)realloc(buf, sizeof(char)*(buflen+256));
++      if ( ! buf )
++      {
++        fprintf(stderr, "failed reallocating %d bytes\n", buflen+256);
++        exit(-1);
++      }
+       buflen += 256;
+       p = buf+len;
+     }
diff --git a/media-libs/ming/ming-0.4.8.ebuild b/media-libs/ming/ming-0.4.8-r1.ebuild
index 74cb21175c6f..ec977abe20ed 100644
--- a/media-libs/ming/ming-0.4.8.ebuild
+++ b/media-libs/ming/ming-0.4.8-r1.ebuild
@@ -34,6 +34,8 @@ PDEPEND="php? ( dev-php/ming-php )"
 REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
 S=${WORKDIR}/${P//./_}
 
+PATCHES=( "${FILESDIR}"/${PN}-0.4.8-CVE-2017-8782.patch )
+
 # Tests only work when the package is tested on a system
 # which does not presently have any version of ming installed.
 RESTRICT="test"