Projects
openEuler:22.03:LTS:LoongArch
gdk-pixbuf2
_service:tar_scm_kernel_repo:backport-CVE-2021-...
Sign Up
Log In
Username
Password
Sorry, you are not authorized to perform this action.
×
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-CVE-2021-44648.patch of Package gdk-pixbuf2
From 19ebba03117aefc9d0312f675f3a210ffdcc4907 Mon Sep 17 00:00:00 2001 From: Robert Ancell <Robert Ancell @robert.ancell> Date: Tue, 24 May 2022 14:36:15 +0800 Subject: [PATCH] Fix overflow when reading GIF images with invalid LZW initial code size. Conflict:NA Reference:https://gitlab.gnome.org/GNOME/gdk-pixbuf/-/merge_requests/130/diffs?commit_id=19ebba03117aefc9d0312f675f3a210ffdcc4907 --- gdk-pixbuf/io-gif.c | 2 +- gdk-pixbuf/lzw.c | 2 ++ 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/gdk-pixbuf/io-gif.c b/gdk-pixbuf/io-gif.c index 1befba1..3d2a7a9 100644 --- a/gdk-pixbuf/io-gif.c +++ b/gdk-pixbuf/io-gif.c @@ -500,7 +500,7 @@ gif_prepare_lzw (GifContext *context) return -1; } - if (context->lzw_set_code_size > 12) { + if (context->lzw_set_code_size >= 12) { g_set_error_literal (context->error, GDK_PIXBUF_ERROR, GDK_PIXBUF_ERROR_CORRUPT_IMAGE, diff --git a/gdk-pixbuf/lzw.c b/gdk-pixbuf/lzw.c index 105daf2..f3fae17 100644 --- a/gdk-pixbuf/lzw.c +++ b/gdk-pixbuf/lzw.c @@ -121,6 +121,8 @@ lzw_decoder_new (guint8 code_size) LZWDecoder *self; int i; + g_return_val_if_fail (code_size <= LZW_CODE_MAX, NULL); + self = g_object_new (lzw_decoder_get_type (), NULL); self->min_code_size = code_size; -- 2.27.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.