rpms/ImageMagick/FC-4 ImageMagick-6.2.2-yet-another-overflow.patch, NONE, 1.1 ImageMagick.spec, 1.43, 1.44
fedora-cvs-commits at redhat.com
fedora-cvs-commits at redhat.com
Wed May 24 15:21:23 UTC 2006
Author: mclasen
Update of /cvs/dist/rpms/ImageMagick/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv13552
Modified Files:
ImageMagick.spec
Added Files:
ImageMagick-6.2.2-yet-another-overflow.patch
Log Message:
Fix a heap overflow
ImageMagick-6.2.2-yet-another-overflow.patch:
display.c | 15 ++++++++-------
1 files changed, 8 insertions(+), 7 deletions(-)
--- NEW FILE ImageMagick-6.2.2-yet-another-overflow.patch ---
--- ImageMagick-6.2.2/magick/display.c.yet-another-overflow 2005-04-24 19:23:05.000000000 -0400
+++ ImageMagick-6.2.2/magick/display.c 2006-05-24 11:18:50.000000000 -0400
@@ -1839,10 +1839,7 @@
image_number=0;
last_image=0;
last_scene=0;
- image_marker=(unsigned long *)
- AcquireMagickMemory((argc+1)*sizeof(*image_marker));
- for (i=0; i <= argc; i++)
- image_marker[i]=(unsigned long) argc;
+ image_marker=(unsigned long *) NULL;
option=(char *) NULL;
pend=MagickFalse;
resource_database=(XrmDatabase) NULL;
@@ -1850,9 +1847,6 @@
server_name=(char *) NULL;
state=0;
status=MagickTrue;
- if (image_marker == (unsigned long *) NULL)
- ThrowDisplayException(ResourceLimitError,"MemoryAllocationFailed",
- strerror(errno));
/*
Check for server name specified on the command line.
*/
@@ -1861,6 +1855,13 @@
if (status == MagickFalse)
ThrowDisplayException(ResourceLimitError,"MemoryAllocationFailed",
strerror(errno));
+ image_marker=(unsigned long *)
+ AcquireMagickMemory((argc+1)*sizeof(*image_marker));
+ for (i=0; i <= argc; i++)
+ image_marker[i]=(unsigned long) argc;
+ if (image_marker == (unsigned long *) NULL)
+ ThrowDisplayException(ResourceLimitError,"MemoryAllocationFailed",
+ strerror(errno));
for (i=1; i < (long) argc; i++)
{
/*
Index: ImageMagick.spec
===================================================================
RCS file: /cvs/dist/rpms/ImageMagick/FC-4/ImageMagick.spec,v
retrieving revision 1.43
retrieving revision 1.44
diff -u -r1.43 -r1.44
--- ImageMagick.spec 23 Jan 2006 14:35:43 -0000 1.43
+++ ImageMagick.spec 24 May 2006 15:21:21 -0000 1.44
@@ -9,7 +9,7 @@
%else
Version: %{VER}
%endif
-Release: 3.fc4.1
+Release: 3.fc4.2
License: freeware
Group: Applications/Multimedia
%if "%{Patchlevel}" != ""
@@ -27,6 +27,8 @@
Patch8: ImageMagick-5.5.6-mask.patch
# 176926
Patch9: ImageMagick-6.2.2-format-string-again.patch
+# 192279
+Patch10: ImageMagick-6.2.2-yet-another-overflow.patch
Url: http://www.imagemagick.org/
Buildroot: %{_tmppath}/%{name}-%{version}-root
@@ -122,6 +124,7 @@
%patch7 -p1 -b .fixed
%patch8 -p1 -b .mask
%patch9 -p1 -b .format-string-again
+%patch10 -p1 -b .yet-another-overflow
%build
%configure --enable-shared \
@@ -231,6 +234,9 @@
%doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
%changelog
+* Wed May 24 2006 Matthias Clasen <mclasen at redhat.com> - 6.2.2.0-3.fc4.2
+- Fix a heap overflow CVE-2006-2440 (#192279)
+
* Mon Jan 9 2006 Matthias Clasen <mclasen at redhat.com> 6.2.2.0-3.fc4.1
- fix a format string vulnerability (CVE-2006-0082)
More information about the fedora-cvs-commits
mailing list