rpms/tk/F-7 tk8.5-imgGif.patch,NONE,1.1 tk.spec,1.40,1.41
Marcela Mašláňová (mmaslano)
fedora-extras-commits at redhat.com
Mon Jan 28 09:03:43 UTC 2008
- Previous message (by thread): rpms/tk/F-8 tk8.5-imgGif.patch,NONE,1.1 tk.spec,1.45,1.46
- Next message (by thread): rpms/openoffice.org/devel workspace.cairotext01.patch, NONE, 1.1 openoffice.org.spec, 1.1406, 1.1407 openoffice.org-2.4.0.ooo85470.vcl.cairotext.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: mmaslano
Update of /cvs/pkgs/rpms/tk/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv8656
Modified Files:
tk.spec
Added Files:
tk8.5-imgGif.patch
Log Message:
- attached upstream patch
- similar to CVE-2006-4484, problem with GIF again #430100
tk8.5-imgGif.patch:
--- NEW FILE tk8.5-imgGif.patch ---
diff -up tk8.5.0/generic/tkImgGIF.c.old tk8.5.0/generic/tkImgGIF.c
--- tk8.5.0/generic/tkImgGIF.c.old 2008-01-28 08:40:19.000000000 +0100
+++ tk8.5.0/generic/tkImgGIF.c 2008-01-28 08:41:35.000000000 +0100
@@ -880,6 +880,12 @@ ReadImage(
Tcl_PosixError(interp), NULL);
return TCL_ERROR;
}
+
+ if (initialCodeSize > MAX_LWZ_BITS) {
+ Tcl_SetResult(interp, "malformed image", TCL_STATIC);
+ return TCL_ERROR;
+ }
+
if (transparent != -1) {
cmap[transparent][CM_RED] = 0;
cmap[transparent][CM_GREEN] = 0;
diff -up tk8.5.0/tests/imgPhoto.test.old tk8.5.0/tests/imgPhoto.test
--- tk8.5.0/tests/imgPhoto.test.old 2008-01-28 08:42:12.000000000 +0100
+++ tk8.5.0/tests/imgPhoto.test 2008-01-28 08:43:06.000000000 +0100
@@ -665,6 +665,35 @@ test imgPhoto-14.3 {GIF -index interleav
image delete $i
}
+test imgPhoto-14.4 {GIF buffer overflow} -setup {
+ set i [image create photo]
+} -body {
+ # This crashes Tk up to 8.4.17 and 8.5.0
+ $i configure -data {
+ R0lGODlhCgAKAPcAAAAAAIAAAACAAICAAAAAgIAAgACAgICAgMDAwP8AAAD/
+ AP//AAAA//8A/wD//////wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
+ AAAAMwAAZgAAmQAAzAAA/wAzAAAzMwAzZgAzmQAzzAAz/wBmAABmMwBmZgBm
+ mQBmzABm/wCZAACZMwCZZgCZmQCZzACZ/wDMAADMMwDMZgDMmQDMzADM/wD/
+ AAD/MwD/ZgD/mQD/zAD//zMAADMAMzMAZjMAmTMAzDMA/zMzADMzMzMzZjMz
+ mTMzzDMz/zNmADNmMzNmZjNmmTNmzDNm/zOZADOZMzOZZjOZmTOZzDOZ/zPM
+ ADPMMzPMZjPMmTPMzDPM/zP/ADP/MzP/ZjP/mTP/zDP//2YAAGYAM2YAZmYA
+ mWYAzGYA/2YzAGYzM2YzZmYzmWYzzGYz/2ZmAGZmM2ZmZmZmmWZmzGZm/2aZ
+ AGaZM2aZZmaZmWaZzGaZ/2bMAGbMM2bMZmbMmWbMzGbM/2b/AGb/M2b/Zmb/
+ mWb/zGb//5kAAJkAM5kAZpkAmZkAzJkA/5kzAJkzM5kzZpkzmZkzzJkz/5lm
+ AJlmM5lmZplmmZlmzJlm/5mZAJmZM5mZZpmZmZmZzJmZ/5nMAJnMM5nMZpnM
+ mZnMzJnM/5n/AJn/M5n/Zpn/mZn/zJn//8wAAMwAM8wAZswAmcwAzMwA/8wz
+ AMwzM8wzZswzmcwzzMwz/8xmAMxmM8xmZsxmmcxmzMxm/8yZAMyZM8yZZsyZ
+ mcyZzMyZ/8zMAMzMM8zMZszMmczMzMzM/8z/AMz/M8z/Zsz/mcz/zMz///8A
+ AP8AM/8AZv8Amf8AzP8A//8zAP8zM/8zZv8zmf8zzP8z//9mAP9mM/9mZv9m
+ mf9mzP9m//+ZAP+ZM/+ZZv+Zmf+ZzP+Z///MAP/MM//MZv/Mmf/MzP/M////
+ AP//M///Zv//mf//zP///yH5BAEAABAALAAAAAAKAAoAABUSAAD/HEiwoMGD
+ CBMqXMiwYcKAADs=
+ }
+} -cleanup {
+ image delete $i
+} -returnCodes error -result {malformed image}
+
test imgPhoto-15.1 {photo images can fail to allocate memory gracefully} \
{nonPortable} {
# This is not portable to very large machines with more around
Index: tk.spec
===================================================================
RCS file: /cvs/pkgs/rpms/tk/F-7/tk.spec,v
retrieving revision 1.40
retrieving revision 1.41
diff -u -r1.40 -r1.41
--- tk.spec 15 Oct 2007 14:31:08 -0000 1.40
+++ tk.spec 28 Jan 2008 09:03:06 -0000 1.41
@@ -3,7 +3,7 @@
Summary: The graphical toolkit for the Tcl scripting language
Name: tk
Version: %{majorver}.13
-Release: 6%{?dist}
+Release: 7%{?dist}
Epoch: 1
License: BSD
Group: Development/Languages
@@ -23,6 +23,7 @@
Patch4: tk-8.4.13-autoconf.patch
Patch5: tk-8.4.13-cflags.patch
Patch6: tk-gifoverflow.patch
+Patch7: tk8.5-imgGif.patch
%description
When paired with the Tcl scripting language, Tk provides a fast and powerful
@@ -51,6 +52,7 @@
%patch4 -p1 -b .4-ac213
%patch5 -p1 -b .5-cflags
%patch6 -p1 -b .6-gif
+%patch7 -p1 -b .7-imgGIF
# patch1 touches tcl.m4
%build
@@ -119,6 +121,10 @@
%{_mandir}/man3/*
%changelog
+* Mon Jan 28 2008 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-7
+- attached upstream patch
+- similar to CVE-2006-4484, problem with GIF again #430100
+
* Mon Oct 15 2007 Marcela Maslanova <mmaslano at redhat.com> - 1:8.4.13-6
- CVE-2007-5137 gif buffer overflow
- Previous message (by thread): rpms/tk/F-8 tk8.5-imgGif.patch,NONE,1.1 tk.spec,1.45,1.46
- Next message (by thread): rpms/openoffice.org/devel workspace.cairotext01.patch, NONE, 1.1 openoffice.org.spec, 1.1406, 1.1407 openoffice.org-2.4.0.ooo85470.vcl.cairotext.patch, 1.2, NONE
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list