[arch-commits] Commit in lcms/trunk (PKGBUILD cve-2013-4276.patch)

Bartłomiej Piotrowski bpiotrowski at nymeria.archlinux.org
Fri Sep 6 07:11:44 UTC 2013


    Date: Friday, September 6, 2013 @ 09:11:44
  Author: bpiotrowski
Revision: 193921

upgpkg: lcms 1.19-4

- fix CVE-2013-4276 (FS#36783)

Added:
  lcms/trunk/cve-2013-4276.patch
Modified:
  lcms/trunk/PKGBUILD

---------------------+
 PKGBUILD            |   13 ++++++++--
 cve-2013-4276.patch |   62 ++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 72 insertions(+), 3 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2013-09-06 07:09:37 UTC (rev 193920)
+++ PKGBUILD	2013-09-06 07:11:44 UTC (rev 193921)
@@ -4,7 +4,7 @@
 
 pkgname=lcms
 pkgver=1.19
-pkgrel=2
+pkgrel=4
 pkgdesc="Lightweight color management development library/engine"
 arch=('i686' 'x86_64')
 license=('custom')
@@ -11,9 +11,16 @@
 depends=('libtiff')
 url="http://www.littlecms.com"
 options=('!libtool')
-source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.gz)
-md5sums=('8af94611baf20d9646c7c2c285859818')
+source=(http://downloads.sourceforge.net/sourceforge/${pkgname}/${pkgname}-${pkgver}.tar.gz
+        cve-2013-4276.patch)
+md5sums=('8af94611baf20d9646c7c2c285859818'
+         'fa1db4861cfa05f4c4a2c826e1c35502')
 
+prepare() {
+  cd "${srcdir}/${pkgname}-${pkgver}"
+  patch -Np1 -i ../cve-2013-4276.patch
+}
+
 build() {
   cd "${srcdir}/${pkgname}-${pkgver}"
   ./configure --prefix=/usr
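Review bot: The `md5sums` array extended in this hunk is the only thing authenticating the sources, because the tarball is still fetched over plain `http://` and MD5 does not resist deliberate collisions. I would add a `sha256sums=(...)` array covering both the tarball and `cve-2013-4276.patch`, regenerated with `makepkg -g`, alongside or in place of `md5sums`. In `prepare()`, `patch -Np1 -i "${srcdir}/cve-2013-4276.patch"` would not depend on the current directory the way `../cve-2013-4276.patch` does. The body of `build()` continues outside the hunk.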

Added: cve-2013-4276.patch
===================================================================
--- cve-2013-4276.patch	                        (rev 0)
+++ cve-2013-4276.patch	2013-09-06 07:11:44 UTC (rev 193921)
@@ -0,0 +1,62 @@
+diff -ur lcms-1.19.dfsg/samples/icctrans.c lcms-1.19.dfsg-patched/samples/icctrans.c
+--- lcms-1.19.dfsg/samples/icctrans.c	2009-10-30 15:57:45.000000000 +0000
++++ lcms-1.19.dfsg-patched/samples/icctrans.c	2013-08-06 11:53:14.385266647 +0100
+@@ -86,6 +86,8 @@
+ static LPcmsNAMEDCOLORLIST InputColorant = NULL;
+ static LPcmsNAMEDCOLORLIST OutputColorant = NULL;
+ 
++unsigned int Buffer_size = 4096;
++
+ 
+ // isatty replacement
+ 
+@@ -500,7 +502,7 @@
+ 
+     Prefix[0] = 0;
+     if (!lTerse)
+-        sprintf(Prefix, "%s=", C);
++        snprintf(Prefix, 20, "%s=", C);
+ 
+     if (InHexa)
+     {
+@@ -648,7 +650,9 @@
+ static
+ void GetLine(char* Buffer)
+ {    
+-    scanf("%s", Buffer);
++    char User_buffer[Buffer_size];
++    fgets(User_buffer, (Buffer_size - 1), stdin);
++    sscanf(User_buffer,"%s", Buffer);
+     
+     if (toupper(Buffer[0]) == 'Q') { // Quit?
+ 
+@@ -668,7 +672,7 @@
+ static
+ double GetAnswer(const char* Prompt, double Range)
+ {
+-    char Buffer[4096];
++    char Buffer[Buffer_size];
+     double val = 0.0;
+ 	       
+     if (Range == 0.0) {              // Range 0 means double value
+@@ -738,7 +742,7 @@
+ static
+ WORD GetIndex(void)
+ {
+-    char Buffer[4096], Name[40], Prefix[40], Suffix[40];
++    char Buffer[Buffer_size], Name[40], Prefix[40], Suffix[40];
+     int index, max;
+ 
+     max = cmsNamedColorCount(hTrans)-1;
+diff -ur lcms-1.19.dfsg/tifficc/tiffdiff.c lcms-1.19.dfsg-patched/tifficc/tiffdiff.c
+--- lcms-1.19.dfsg/tifficc/tiffdiff.c	2009-10-30 15:57:46.000000000 +0000
++++ lcms-1.19.dfsg-patched/tifficc/tiffdiff.c	2013-08-06 11:49:06.698951157 +0100
+@@ -633,7 +633,7 @@
+     cmsIT8SetSheetType(hIT8, "TIFFDIFF");
+     
+    
+-    sprintf(Buffer, "Differences between %s and %s", TiffName1, TiffName2);
++    snprintf(Buffer, 256, "Differences between %s and %s", TiffName1, TiffName2);
+   
+     cmsIT8SetComment(hIT8, Buffer);
+ 
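Review bot: In the patched `GetLine`, the return value of `fgets` is not checked, so at end-of-file or on a read error the uninitialised variable-length `User_buffer` is handed to `sscanf` with an unbounded `%s`, which can read indeterminate stack bytes and write past the caller's `Buffer`; an empty or whitespace-only line likewise leaves `Buffer` unset before the `toupper(Buffer[0])` test. I would guard both calls: `if (fgets(User_buffer, sizeof User_buffer, stdin) == NULL) User_buffer[0] = '\0';` followed by `if (sscanf(User_buffer, "%4095s", Buffer) != 1) Buffer[0] = '\0';`. That bound holds only while every caller passes a `Buffer_size` array, which is true of `GetAnswer` and `GetIndex` as shown but is not enforced by the bare `char*` parameter. The literal sizes in `snprintf(Prefix, 20, ...)` and `snprintf(Buffer, 256, ...)` are assumed rather than derived, since neither declaration is visible here; `sizeof` on the destination array would keep them in step, and an `enum` constant instead of the writable global `Buffer_size` would stop the 4096-byte buffers from becoming VLAs. `GetLine` and the other patched functions continue outside the visible lines.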



