[arch-commits] CVS update of extra/lib/sdl_image (3 files)
Jan de Groot
jgc at archlinux.org
Sun Mar 16 22:01:05 UTC 2008
Date: Sunday, March 16, 2008 @ 18:01:05
Author: jgc
Path: /home/cvs-extra/extra/lib/sdl_image
Added: SDL_image-IMG_lbm.patch (1.1) SDL_image-buffer-overflow.patch (1.1)
Modified: PKGBUILD (1.12 -> 1.13)
upgpkg: sdl_image 1.2.6-2
Fix buffer overflows
---------------------------------+
PKGBUILD | 16 +++++++++++-----
SDL_image-IMG_lbm.patch | 28 ++++++++++++++++++++++++++++
SDL_image-buffer-overflow.patch | 13 +++++++++++++
3 files changed, 52 insertions(+), 5 deletions(-)
Index: extra/lib/sdl_image/PKGBUILD
diff -u extra/lib/sdl_image/PKGBUILD:1.12 extra/lib/sdl_image/PKGBUILD:1.13
--- extra/lib/sdl_image/PKGBUILD:1.12 Sun Aug 5 10:22:24 2007
+++ extra/lib/sdl_image/PKGBUILD Sun Mar 16 18:01:05 2008
@@ -1,20 +1,26 @@
-# $Id: PKGBUILD,v 1.12 2007/08/05 14:22:24 jgc Exp $
+# $Id: PKGBUILD,v 1.13 2008/03/16 22:01:05 jgc Exp $
# Maintainer: Jan de Groot <jgc at archlinux.org>
# Contributor: Tom Newsom <Jeepster at gmx.co.uk>
pkgname=sdl_image
pkgver=1.2.6
-pkgrel=1
+pkgrel=2
pkgdesc="A simple library to load images of various formats as SDL surfaces"
arch=(i686 x86_64)
license=('LGPL')
-depends=('sdl>=1.2.12' 'libpng' 'libjpeg' 'libtiff' 'zlib')
+depends=('sdl>=1.2.13' 'libpng' 'libjpeg' 'libtiff' 'zlib')
options=('!libtool')
url="http://www.libsdl.org/projects/SDL_image/"
-source=(http://www.libsdl.org/projects/SDL_image/release/SDL_image-${pkgver}.tar.gz)
-md5sums=('b866dc4f647517bdaf57f6ffdefd013e')
+source=(http://www.libsdl.org/projects/SDL_image/release/SDL_image-${pkgver}.tar.gz
+ SDL_image-IMG_lbm.patch
+ SDL_image-buffer-overflow.patch)
+md5sums=('b866dc4f647517bdaf57f6ffdefd013e'
+ '81424f716513845f27e1b69459343327'
+ 'e774a12d1a07b788233f6c15aca05780')
build() {
cd ${startdir}/src/SDL_image-${pkgver}
+ patch -Np2 -i ${startdir}/src/SDL_image-IMG_lbm.patch || return 1
+ patch -Np2 -i ${startdir}/src/SDL_image-buffer-overflow.patch || return 1
./configure --prefix=/usr
make || return 1
make DESTDIR=${startdir}/pkg install
Index: extra/lib/sdl_image/SDL_image-IMG_lbm.patch
diff -u /dev/null extra/lib/sdl_image/SDL_image-IMG_lbm.patch:1.1
--- /dev/null Sun Mar 16 18:01:05 2008
+++ extra/lib/sdl_image/SDL_image-IMG_lbm.patch Sun Mar 16 18:01:05 2008
@@ -0,0 +1,28 @@
+--- trunk/SDL_image/IMG_lbm.c 2007/07/20 04:37:11 3341
++++ trunk/SDL_image/IMG_lbm.c 2008/01/03 20:05:34 3521
+@@ -28,6 +28,7 @@
+ EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
+ (http://www.multimania.com/mavati) in December 2003.
+ Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
++ Buffer overflow fix in RLE decompression by David Raulo in January 2008.
+ */
+
+ #include <stdio.h>
+@@ -328,7 +329,7 @@
+ count ^= 0xFF;
+ count += 2; /* now it */
+
+- if ( !SDL_RWread( src, &color, 1, 1 ) )
++ if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
+ {
+ error="error reading BODY chunk";
+ goto done;
+@@ -339,7 +340,7 @@
+ {
+ ++count;
+
+- if ( !SDL_RWread( src, ptr, count, 1 ) )
++ if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
+ {
+ error="error reading BODY chunk";
+ goto done;
Index: extra/lib/sdl_image/SDL_image-buffer-overflow.patch
diff -u /dev/null extra/lib/sdl_image/SDL_image-buffer-overflow.patch:1.1
--- /dev/null Sun Mar 16 18:01:05 2008
+++ extra/lib/sdl_image/SDL_image-buffer-overflow.patch Sun Mar 16 18:01:05 2008
@@ -0,0 +1,13 @@
+--- trunk/SDL_image/IMG_gif.c 2007/12/28 08:17:23 3461
++++ trunk/SDL_image/IMG_gif.c 2007/12/28 16:43:56 3462
+@@ -418,6 +418,10 @@
+ static int stack[(1 << (MAX_LWZ_BITS)) * 2], *sp;
+ register int i;
+
++ /* Fixed buffer overflow found by Michael Skladnikiewicz */
++ if (input_code_size > MAX_LWZ_BITS)
++ return -1;
++
+ if (flag) {
+ set_code_size = input_code_size;
+ code_size = set_code_size + 1;
More information about the arch-commits
mailing list