rpms/openoffice.org/F-7 workspace.mhu18.patch, NONE, 1.1 openoffice.org.spec, 1.1208, 1.1209

Caolan McNamara (caolanm) fedora-extras-commits at redhat.com
Tue Jun 10 07:55:51 UTC 2008 

Author: caolanm

Update of /cvs/pkgs/rpms/openoffice.org/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv19607

Modified Files:
	openoffice.org.spec 
Added Files:
	workspace.mhu18.patch 
Log Message:
Resolves: rhbz#450649 CVE-2008-2152

workspace.mhu18.patch:

--- NEW FILE workspace.mhu18.patch ---
Index: porting/sal/rtl/source/alloc_global.c
diff -u porting/sal/rtl/source/alloc_global.c:1.3 porting/sal/rtl/source/alloc_global.c:1.3.288.1
--- porting/sal/rtl/source/alloc_global.c:1.3	Tue May  9 00:24:51 2006
+++ porting/sal/rtl/source/alloc_global.c	Mon May 19 00:59:10 2008
@@ -217,9 +217,15 @@
 		int index = (size - 1) >> RTL_MEMALIGN_SHIFT;
 		OSL_ASSERT(RTL_MEMALIGN >= sizeof(sal_Size));
 
+		if (n >= SAL_MAX_SIZE - (RTL_MEMALIGN + RTL_MEMALIGN - 1))
+		{
+			/* requested size too large for roundup alignment */
+			return 0;
+		}
+
 try_alloc:
 		if (index < RTL_MEMORY_CACHED_LIMIT >> RTL_MEMALIGN_SHIFT)
-			addr = (char*)rtl_cache_alloc(g_alloc_table[index]);
+			addr = (char*)rtl_cache_alloc (g_alloc_table[index]);
 		else
 			addr = (char*)rtl_arena_alloc (gp_alloc_arena, &size);
 


Index: openoffice.org.spec
===================================================================
RCS file: /cvs/pkgs/rpms/openoffice.org/F-7/openoffice.org.spec,v
retrieving revision 1.1208
retrieving revision 1.1209
diff -u -r1.1208 -r1.1209
--- openoffice.org.spec	17 Apr 2008 07:17:19 -0000	1.1208
+++ openoffice.org.spec	10 Jun 2008 07:55:06 -0000	1.1209
@@ -1,6 +1,6 @@
 %define oootag OOG680
 %define ooomilestone 6
-%define rh_rpm_release 8
+%define rh_rpm_release 9
 
 # undef to get english only and no-langpacks for a faster smoketest build
 %define langpacks 1
@@ -140,6 +140,7 @@
 Patch73: openoffice.org-2.3.1.ooo83878.unopkg.enablelinking.patch
 Patch74: openoffice.org-2.4.0.ooo86080.unopkg.bodge.patch
 Patch75: workspace.sjfixes03.patch
+Patch76: workspace.mhu18.patch
 
 %define instdir %{_libdir}/openoffice.org
 
@@ -1078,6 +1079,7 @@
 %patch73 -p1 -b .ooo83878.unopkg.enablelinking.patch
 %patch74 -p1 -b .ooo86080.unopkg.bodge.patch
 %patch75 -p1 -b .workspace.sjfixes03.patch
+%patch76 -p1 -b .workspace.mhu18.patch
 
 %if %{linkopt}
 chmod a+x solenv/bin/mklinkscript.pl
@@ -2785,6 +2787,9 @@
 %{instdir}/share/registry/modules/org/openoffice/Office/Scripting/Scripting-python.xcu
 
 %changelog
+* Thu Jun 10 2008 Caolan McNamara <caolanm at redhat.com> - 1:2.3.0-6.9
+- Resolves: rhbz#450649 CVE-2008-2152
+
 * Thu Apr 17 2008 Caolan McNamara <caolanm at redhat.com> - 1:2.3.0-6.8
 - CVE-2007-5745, CVE-2007-5746, CVE-2007-5747, CVE-2008-0320

More information about the fedora-extras-commits mailing list