[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

rpms/libexif/devel libexif-integer-overflow.patch, NONE, 1.1 libexif.spec, 1.29, 1.30



Author: mclasen

Update of /cvs/pkgs/rpms/libexif/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8583

Modified Files:
	libexif.spec 
Added Files:
	libexif-integer-overflow.patch 
Log Message:
fix an integer overflow


libexif-integer-overflow.patch:

--- NEW FILE libexif-integer-overflow.patch ---
Patch to prevent integer overflow that might result in out-of-bound
write in memcpy() #240055

Index: libexif/exif-data.c
===================================================================
RCS file: /cvsroot/libexif/libexif/libexif/exif-data.c,v
retrieving revision 1.89
retrieving revision 1.90
diff -u -p -r1.89 -r1.90
--- libexif/exif-data.c	9 May 2007 06:09:05 -0000	1.89
+++ libexif/exif-data.c	10 May 2007 14:32:01 -0000	1.90
@@ -179,7 +179,9 @@ exif_data_load_data_entry (ExifData *dat
 	else
 		doff = offset + 8;
 
-	/* Sanity check */
+	/* Sanity checks */
+	if ((doff + s < doff) || (doff + s < s))
+		return 0;
 	if (size < doff + s)
 		return 0;
 


Index: libexif.spec
===================================================================
RCS file: /cvs/pkgs/rpms/libexif/devel/libexif.spec,v
retrieving revision 1.29
retrieving revision 1.30
diff -u -r1.29 -r1.30
--- libexif.spec	5 Feb 2007 03:15:57 -0000	1.29
+++ libexif.spec	24 May 2007 17:32:17 -0000	1.30
@@ -1,13 +1,14 @@
 Summary: Library for extracting extra information from image files
 Name: libexif
 Version: 0.6.13
-Release: 3%{?dist}
+Release: 4%{?dist}
 Group: System Environment/Libraries
 License: LGPL
 URL: http://libexif.sourceforge.net/
 Source0: libexif-%{version}.tar.bz2 
 Source1: libexif-docs.tar.gz
 Patch0: libexif-0.6.13-dont-build-docs.patch
+Patch1: libexif-integer-overflow.patch
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) 
 BuildRequires: doxygen
 
@@ -32,6 +33,7 @@
 # and neuter make all in the docs dir
 tar xzf %{SOURCE1}
 %patch0 -p1 -b .dont-build-docs
+%patch1 -p0 -b .integer-overflow
 
 %build
 %configure --disable-static --disable-docs
@@ -67,6 +69,9 @@
 %{_libdir}/pkgconfig/libexif.pc
 
 %changelog
+* Thu May 24 2007 Matthias Clasen <mclasen redhat com> - 0.6.13-4
+- Add patch for CVE-2007-2645.
+
 * Sun Feb  4 2007 Matthias Clasen <mclasen redhat com> - 0.6.13-3
 - Package review cleanups
 - Avoid multilib conflicts by using pregenerated docs


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]