pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/graphics/ImageMagick Add patch for CVE-2012-1610 from ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/8428dc74230f
branches:  trunk
changeset: 602274:8428dc74230f
user:      tez <tez%pkgsrc.org@localhost>
date:      Mon Apr 09 15:56:21 2012 +0000

description:
Add patch for CVE-2012-1610 from http://www.imagemagick.org/discourse-server/viewtopic.php?t=20629

diffstat:

 graphics/ImageMagick/Makefile                        |   4 ++--
 graphics/ImageMagick/distinfo                        |   5 +++--
 graphics/ImageMagick/patches/patch-magick_profile.c  |  18 ++++++++++++++++++
 graphics/ImageMagick/patches/patch-magick_property.c |  14 ++++++++++++--
 4 files changed, 35 insertions(+), 6 deletions(-)

diffs (78 lines):

diff -r 79a8edf3568a -r 8428dc74230f graphics/ImageMagick/Makefile
--- a/graphics/ImageMagick/Makefile     Mon Apr 09 09:24:01 2012 +0000
+++ b/graphics/ImageMagick/Makefile     Mon Apr 09 15:56:21 2012 +0000
@@ -1,9 +1,9 @@
-# $NetBSD: Makefile,v 1.178 2012/03/30 03:50:47 taca Exp $
+# $NetBSD: Makefile,v 1.179 2012/04/09 15:56:21 tez Exp $
 
 .include "Makefile.common"
 
 PKGNAME=       ImageMagick-${DISTVERSION}
-PKGREVISION=   1
+PKGREVISION=   2
 
 MAINTAINER=    adam%NetBSD.org@localhost
 COMMENT=       Package for display and interactive manipulation of images
diff -r 79a8edf3568a -r 8428dc74230f graphics/ImageMagick/distinfo
--- a/graphics/ImageMagick/distinfo     Mon Apr 09 09:24:01 2012 +0000
+++ b/graphics/ImageMagick/distinfo     Mon Apr 09 15:56:21 2012 +0000
@@ -1,8 +1,9 @@
-$NetBSD: distinfo,v 1.110 2012/03/30 03:50:47 taca Exp $
+$NetBSD: distinfo,v 1.111 2012/04/09 15:56:21 tez Exp $
 
 SHA1 (ImageMagick-6.7.5-10.tar.bz2) = e19d7d5148de58d56a02d68049bb5d3ba470f53c
 RMD160 (ImageMagick-6.7.5-10.tar.bz2) = 5ff5b7ddc773beb048773cc252c5d306eaf28e50
 Size (ImageMagick-6.7.5-10.tar.bz2) = 10416791 bytes
 SHA1 (patch-coders_jpeg.c) = 77e47f58ee3c46888f2edeafa1964e5145b65c25
 SHA1 (patch-coders_tiff.c) = ff11a7fe6f47cd3fb7afeab986851ac417366722
-SHA1 (patch-magick_property.c) = 19c345afac494a6599ef65a8a273f52095071127
+SHA1 (patch-magick_profile.c) = e991adc22b072a967fc3459d68cd6ab1e91610c6
+SHA1 (patch-magick_property.c) = 105e9f3cfa3aa098296513c594e24759b1713c5b
diff -r 79a8edf3568a -r 8428dc74230f graphics/ImageMagick/patches/patch-magick_profile.c
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/graphics/ImageMagick/patches/patch-magick_profile.c       Mon Apr 09 15:56:21 2012 +0000
@@ -0,0 +1,18 @@
+$NetBSD: patch-magick_profile.c,v 1.1 2012/04/09 15:56:21 tez Exp $
+
+* Fix for CVE-2012-1610.
+
+--- magick/profile.c.orig      2012-04-09 14:19:45.161695800 +0000
++++ magick/profile.c
+@@ -6727,8 +6727,10 @@ MagickExport MagickBooleanType SyncImage
+       format=(ssize_t) ReadProfileShort(endian,q+2);
+       if ((format-1) >= EXIF_NUM_FORMATS)
+         break;
+-      components=(int) ReadProfileLong(endian,q+4);
++      components=(ssize_t) ((int) ReadProfileLong(endian,q+4));
+       number_bytes=(size_t) components*format_bytes[format];
++      if (number_bytes < components)
++        break;  /* prevent overflow */
+       if (number_bytes <= 4)
+         p=q+8;
+       else
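Review bot: The added guard `if (number_bytes < components) break;` does not reject a negative `components`, and it is not a reliable wrap test for the multiplication on the line above it. `components` is read from a 32-bit EXIF field through an `(int)` cast, so a value with the top bit set becomes negative; it is then converted to `size_t` in both the product and the comparison, and for a format whose `format_bytes` entry is 1 the two sides are equal, so the check passes and a huge `number_bytes` reaches the `else` branch, which continues outside the hunk. Where `size_t` is 32 bits, a positive count multiplied by a larger element size can also wrap to a value that is still greater than `components`. I would add `if (components < 0) break;` before the multiplication and test the product by division, e.g. `if (format_bytes[format] != 0 && (size_t) components > SIZE_MAX/format_bytes[format]) break;`. The same applies to the `tag_bytes[format]` lines added in patch-magick_property.c.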
diff -r 79a8edf3568a -r 8428dc74230f graphics/ImageMagick/patches/patch-magick_property.c
--- a/graphics/ImageMagick/patches/patch-magick_property.c      Mon Apr 09 09:24:01 2012 +0000
+++ b/graphics/ImageMagick/patches/patch-magick_property.c      Mon Apr 09 15:56:21 2012 +0000
@@ -1,10 +1,20 @@
-$NetBSD: patch-magick_property.c,v 1.1 2012/03/30 03:50:47 taca Exp $
+$NetBSD: patch-magick_property.c,v 1.2 2012/04/09 15:56:21 tez Exp $
 
 * Fix for CVE-2012-0259.
+* Fix for CVE-2012-1610.
 
 --- magick/property.c.orig     2012-03-01 01:41:19.000000000 +0000
 +++ magick/property.c
-@@ -1309,6 +1309,8 @@ static MagickBooleanType GetEXIFProperty
+@@ -1286,6 +1286,8 @@ static MagickBooleanType GetEXIFProperty
+         break;
+       components=(ssize_t) ((int) ReadPropertyLong(endian,q+4));
+       number_bytes=(size_t) components*tag_bytes[format];
++      if (number_bytes < components)
++        break; /* prevent overflow */
+       if (number_bytes <= 4)
+         p=q+8;
+       else
+@@ -1309,6 +1311,8 @@ static MagickBooleanType GetEXIFProperty
              buffer[MaxTextExtent],
              *value;
  


