rpms/ImageMagick/FC-4 ImageMagick-6.2.2-format-string-again.patch, NONE, 1.1 ImageMagick.spec, 1.42, 1.43

fedora-cvs-commits at redhat.com fedora-cvs-commits at redhat.com
Mon Jan 23 14:35:46 UTC 2006


Author: mclasen

Update of /cvs/dist/rpms/ImageMagick/FC-4
In directory cvs.devel.redhat.com:/tmp/cvs-serv2667

Modified Files:
	ImageMagick.spec 
Added Files:
	ImageMagick-6.2.2-format-string-again.patch 
Log Message:
Fix a format string vuln.


ImageMagick-6.2.2-format-string-again.patch:
 blob.c |   10 +++++++++-
 1 files changed, 9 insertions(+), 1 deletion(-)

--- NEW FILE ImageMagick-6.2.2-format-string-again.patch ---
--- ImageMagick-6.2.2/magick/blob.c.format-string-again	2005-04-24 19:23:05.000000000 -0400
+++ ImageMagick-6.2.2/magick/blob.c	2006-01-23 09:32:47.000000000 -0500
@@ -1917,8 +1917,16 @@
             char
               format[MaxTextExtent];
 
+            /* Extract first numeric format specifier */
             (void) CopyMagickString(format,p,MaxTextExtent);
-            (void) FormatMagickString(p,MaxTextExtent,format,image->scene);
+            if (q-p+1 < MaxTextExtent)
+                    format[q-p+1]='\0';
+            /* Expand format */
+            (void) FormatMagickString(p,MaxTextExtent,format, image->scene);
+            /* Copy rest of string verbatim without further expansion */
+            (void) ConcatenateMagickString(filename,
+                                           image_info->filename+(q-filename)+1,
+                                           MaxTextExtent);
             break;
           }
       }
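Review bot: In the `FormatMagickString(p,MaxTextExtent,format, image->scene)` call, the size argument is still the full `MaxTextExtent` even though `p` points part-way into `filename` (the hunk takes both `q-p` and `q-filename`, so all three are in the same buffer). The expansion is therefore bounded by more space than actually remains after `p`. Suggest passing the remaining length, for example `MaxTextExtent-(p-filename)`, assuming `filename` is a `MaxTextExtent` array as the `ConcatenateMagickString` bound implies. Two smaller points: when `q-p+1 < MaxTextExtent` is false the truncation is skipped silently and the untruncated string is still used as the format, so that case should bail out rather than fall through; and the tail is read from `image_info->filename` at an offset computed on `filename`, which only lines up if the two strings are identical up to `q`, so a comment or assertion stating that invariant would help.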


Index: ImageMagick.spec
===================================================================
RCS file: /cvs/dist/rpms/ImageMagick/FC-4/ImageMagick.spec,v
retrieving revision 1.42
retrieving revision 1.43
diff -u -r1.42 -r1.43
--- ImageMagick.spec	21 Jun 2005 15:30:02 -0000	1.42
+++ ImageMagick.spec	23 Jan 2006 14:35:43 -0000	1.43
@@ -9,7 +9,7 @@
 %else
 Version: %{VER}
 %endif
-Release: 3.fc4.0
+Release: 3.fc4.1
 License: freeware
 Group: Applications/Multimedia
 %if "%{Patchlevel}" != ""
@@ -25,6 +25,8 @@
 Patch7: ImageMagick-6.2.1-fixed.patch
 # 158791
 Patch8: ImageMagick-5.5.6-mask.patch
+# 176926
+Patch9: ImageMagick-6.2.2-format-string-again.patch
 
 Url: http://www.imagemagick.org/
 Buildroot: %{_tmppath}/%{name}-%{version}-root
@@ -119,6 +121,7 @@
 %patch6 -p1 -b .pkgconfig
 %patch7 -p1 -b .fixed
 %patch8 -p1 -b .mask
+%patch9 -p1 -b .format-string-again
 
 %build
 %configure --enable-shared \
@@ -228,6 +231,9 @@
 %doc PerlMagick/demo/ PerlMagick/Changelog PerlMagick/README.txt
 
 %changelog
+* Mon Jan  9 2006 Matthias Clasen <mclasen at redhat.com> 6.2.2.0-3.fc4.1
+- fix a format string vulnerability (CVE-2006-0082)
+
 * Tue Jun 21 2005 Matthias Clasen <mclasen at redhat.com> = 6.2.2.0-3.fc4.0
 - bump revision to make fc3->fc4 updates work (#160808)
 
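Review bot: The new %changelog entry is dated `Mon Jan  9 2006`, while this commit and the patch's own `+++` timestamp are both 23 Jan 2006; please confirm the date is the intended one. The entry header also drops the `=` before the version-release that the previous entry uses (`= 6.2.2.0-3.fc4.0`), so the two headers should be brought to one form.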