rpms/gif2png/devel gif2png-overflow.patch, 1.1, 1.2 gif2png.spec, 1.12, 1.13

ensc ensc at fedoraproject.org
Sat Jan 2 11:30:32 UTC 2010


Author: ensc

Update of /cvs/extras/rpms/gif2png/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv27583

Modified Files:
	gif2png-overflow.patch gif2png.spec 
Log Message:
changed -overflow patch to abort on bad filenames instead of processing
truncated ones


gif2png-overflow.patch:
 gif2png.c |   11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

Index: gif2png-overflow.patch
===================================================================
RCS file: /cvs/extras/rpms/gif2png/devel/gif2png-overflow.patch,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -p -r1.1 -r1.2
--- gif2png-overflow.patch	1 Jan 2010 16:02:02 -0000	1.1
+++ gif2png-overflow.patch	2 Jan 2010 11:30:31 -0000	1.2
@@ -19,13 +19,16 @@ Index: gif2png-2.5.2/gif2png.c
      if (strcmp(file_ext, ".gif") != 0 && strcmp(file_ext, ".GIF") != 0 &&
  	strcmp(file_ext, "_gif") != 0 && strcmp(file_ext, "_GIF") != 0) {
  	/* try to derive basename */
-@@ -874,7 +877,8 @@ int main(int argc, char *argv[])
+@@ -874,6 +877,12 @@ int main(int argc, char *argv[])
  	}
      } else {
  	for (i = ac;i<argc; i++) {
--	    strcpy(name, argv[i]);
-+	    strncpy(name, argv[i], sizeof name - sizeof ".gif");
-+	    name[sizeof name - sizeof ".gif"] = '\0';
++	    if (strlen(argv[i]) >= sizeof name - sizeof ".gif") {
++		fprintf(stderr, "%s: name too long\n", argv[i]);
++		errors = 1;
++		continue;
++	    }
++
+ 	    strcpy(name, argv[i]);
  	    if ((fp = fopen(name, "rb")) == NULL) {
  		/* retry with .gif appended */
- 		strcat(name, ".gif");
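Review bot: The new guard `if (strlen(argv[i]) >= sizeof name - sizeof ".gif")` has no comment tying its bound to the later `strcat(name, ".gif")` retry, which has now dropped out of the hunk's context, so a reader cannot see why five bytes are reserved. I would add `/* leave room for ".gif" plus the NUL appended by the retry below */` above it. Because `sizeof ".gif"` already counts the terminator, `>=` also rejects one length that would still fit, which is safe but worth stating in that comment. The check is only meaningful if `name` is an array in `main` rather than a pointer, and its declaration is outside the hunk. If `name` is later copied into other fixed-size buffers with a different suffix appended (not visible here), those copies need their own length check.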


Index: gif2png.spec
===================================================================
RCS file: /cvs/extras/rpms/gif2png/devel/gif2png.spec,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -p -r1.12 -r1.13
--- gif2png.spec	1 Jan 2010 16:32:35 -0000	1.12
+++ gif2png.spec	2 Jan 2010 11:30:32 -0000	1.13
@@ -5,7 +5,7 @@
 Summary:	A GIF to PNG converter
 Name:		gif2png
 Version:	2.5.2
-Release:	%release_func 1302
+Release:	%release_func 1304
 License:	BSD
 Group:		Applications/Multimedia
 URL:		http://www.catb.org/~esr/gif2png/
@@ -75,6 +75,10 @@ rm -rf $RPM_BUILD_ROOT
 
 
 %changelog
+* Sat Jan  2 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 2.5.2-1304
+- changed -overflow patch to abort on bad filenames instead of
+  processing truncated ones
+
 * Fri Jan  1 2010 Enrico Scholz <enrico.scholz at informatik.tu-chemnitz.de> - 2.5.2-1302
 - fixed command line buffer overflow (#547515, CVE-2009-XXXX)
 



