[arch-commits] Commit in lib32-libcaca/trunk (57.patch PKGBUILD)
Jan Steffens
heftig at archlinux.org
Sun May 23 19:12:38 UTC 2021
Date: Sunday, May 23, 2021 @ 19:12:37
Author: heftig
Revision: 943517
0.99.beta19-5: partially fix FS#70520
Added:
lib32-libcaca/trunk/57.patch
Modified:
lib32-libcaca/trunk/PKGBUILD
----------+
57.patch | 59 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
PKGBUILD | 14 ++++++++++----
2 files changed, 69 insertions(+), 4 deletions(-)
Added: 57.patch
===================================================================
--- 57.patch (rev 0)
+++ 57.patch 2021-05-23 19:12:37 UTC (rev 943517)
@@ -0,0 +1,59 @@
+From 148437fc418bcfe521f61213cf3917f3992c7088 Mon Sep 17 00:00:00 2001
+From: Josef Moellers <jmoellers at suse.de>
+Date: Thu, 22 Apr 2021 12:02:19 +0200
+Subject: [PATCH] Handle sprintf() appending a NUL byte [issues 53 and 54]
+
+---
+ caca/codec/export.c | 24 ++++++++++++++----------
+ 1 file changed, 14 insertions(+), 10 deletions(-)
+
+diff --git a/caca/codec/export.c b/caca/codec/export.c
+index 7f7c4422..250ea2b1 100644
+--- a/caca/codec/export.c
++++ b/caca/codec/export.c
+@@ -944,21 +944,21 @@ static void *export_tga(caca_canvas_t const *cv, size_t *bytes)
+ cur = data = malloc(*bytes);
+
+ /* ID Length */
+- cur += sprintf(cur, "%c", 0);
++ *cur++ = 0;
+ /* Color Map Type: no colormap */
+- cur += sprintf(cur, "%c", 0);
++ *cur++ = 0;
+ /* Image Type: uncompressed truecolor */
+- cur += sprintf(cur, "%c", 2);
++ *cur++ = 2;
+ /* Color Map Specification: no color map */
+ memset(cur, 0, 5); cur += 5;
+
+ /* Image Specification */
+- cur += sprintf(cur, "%c%c", 0, 0); /* X Origin */
+- cur += sprintf(cur, "%c%c", 0, 0); /* Y Origin */
+- cur += sprintf(cur, "%c%c", w & 0xff, w >> 8); /* Width */
+- cur += sprintf(cur, "%c%c", h & 0xff, h >> 8); /* Height */
+- cur += sprintf(cur, "%c", 32); /* Pixel Depth */
+- cur += sprintf(cur, "%c", 40); /* Image Descriptor */
++ *cur++ = 0; *cur++ = 0; /* X Origin */
++ *cur++ = 0; *cur++ = 0; /* Y Origin */
++ *cur++ = w & 0xff; *cur++ = w >> 8; /* Width */
++ *cur++ = h & 0xff; *cur++ = h >> 8; /* Height */
++ *cur++ = 32; /* Pixel Depth */
++ *cur++ = 40; /* Image Descriptor */
+
+ /* Image ID: no ID */
+ /* Color Map Data: no colormap */
+@@ -995,9 +995,13 @@ static void *export_troff(caca_canvas_t const *cv, size_t *bytes)
+ * + 4 bytes = 33
+ * Each line has a \n (1) and maybe 0xc2 0xa0 (2)
+ * Header has .nf\n (3)
++ * Kludge alert:
++ * The sprintf functions all append a NUL byte, so
++ * add one byte for any terminating NUL byte,
++ * but don't tell the caller.
+ */
+ *bytes = 3 + cv->height * 3 + (cv->width * cv->height * 33);
+- cur = data = malloc(*bytes);
++ cur = data = malloc(*bytes + 1); /* Add space for a terminating NUL byte */
+
+ cur += sprintf(cur, ".nf\n");
+
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2021-05-23 19:10:03 UTC (rev 943516)
+++ PKGBUILD 2021-05-23 19:12:37 UTC (rev 943517)
@@ -4,7 +4,7 @@
pkgname=lib32-libcaca
pkgver=0.99.beta19
-pkgrel=4
+pkgrel=5
pkgdesc="Color AsCii Art library (32-bit)"
url="http://caca.zoy.org/wiki/libcaca"
arch=(x86_64)
@@ -12,8 +12,10 @@
depends=(lib32-imlib2 libcaca)
makedepends=(git)
_commit=caae67dce5d72ceceac79468bed47b58ea8e4a29 # tags/v0.99.beta19
-source=("git+https://github.com/cacalabs/libcaca#commit=$_commit")
-sha256sums=('SKIP')
+source=("git+https://github.com/cacalabs/libcaca#commit=$_commit"
+ 57.patch)
+sha256sums=('SKIP'
+ 'ece7dc2cf7e0252a88ff943ec0851c19aeeab5d20b26396984810524347ea38a')
pkgver() {
cd libcaca
@@ -27,6 +29,10 @@
# https://bugs.archlinux.org/task/70053
git cherry-pick -n 46b4ea7c e4968ba6
+ # CVE-2021-30498 CVE-2021-30499
+ # https://bugs.archlinux.org/task/70520
+ git apply -3 ../57.patch
+
# Fix up version
sed -i '/^AC_INIT/s/beta19pre/beta19/;/^LT_MICRO=/s/18/19/' configure.ac
@@ -67,4 +73,4 @@
install -Dt "$pkgdir/usr/share/licenses/$pkgname" -m644 COPYING
}
-# vim:set sw=2 noet:
+# vim:set sw=2 et:
More information about the arch-commits
mailing list