diff options
Diffstat (limited to 'media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch')
| -rw-r--r-- | media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch | 20 |
1 files changed, 20 insertions, 0 deletions
diff --git a/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch new file mode 100644 index 000000000000..c922b6399cc8 --- /dev/null +++ b/media-gfx/gimp/files/gimp-2.6.12-CVE-2012-2763.patch @@ -0,0 +1,20 @@ +Fix for CVE-2012-2763 for GIMP 2.6.x by mancha. Based on commit +76155d79df8d497. Thanks to muks, Kevin, and Ankh for identifying +the relevant code change. + +Ref: Fixed potential buffer overflow in readstr_upto(). + +================================================ + +--- a/plug-ins/script-fu/tinyscheme/scheme.c.orig 2012-06-30 ++++ b/plug-ins/script-fu/tinyscheme/scheme.c 2012-06-30 +@@ -1727,7 +1727,8 @@ static char *readstr_upto(scheme *sc, ch + c = inchar(sc); + len = g_unichar_to_utf8(c, p); + p += len; +- } while (c && !is_one_of(delim, c)); ++ } while ((p - sc->strbuff < sizeof(sc->strbuff)) && ++ (c && !is_one_of(delim, c))); + + if(p==sc->strbuff+2 && c_prev=='\\') + *p = '\0'; |