rpms/SDL_image/F-7 SDL_image-IMG_lbm.patch, NONE, 1.1 SDL_image.spec, 1.13, 1.14

Brian Pepple (bpepple) fedora-extras-commits at redhat.com
Tue Jan 29 20:20:49 UTC 2008 

Author: bpepple

Update of /cvs/pkgs/rpms/SDL_image/F-7
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12927

Modified Files:
	SDL_image.spec 
Added Files:
	SDL_image-IMG_lbm.patch 
Log Message:
* Tue Jan 29 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-7
- Add patch to fix ILBM image buffer overflow. (#430693)


SDL_image-IMG_lbm.patch:

--- NEW FILE SDL_image-IMG_lbm.patch ---
--- trunk/SDL_image/IMG_lbm.c	2007/07/20 04:37:11	3341
+++ trunk/SDL_image/IMG_lbm.c	2008/01/03 20:05:34	3521
@@ -28,6 +28,7 @@
    EHB and HAM (specific Amiga graphic chip modes) support added by Marc Le Douarain
    (http://www.multimania.com/mavati) in December 2003.
    Stencil and colorkey fixes by David Raulo (david.raulo AT free DOT fr) in February 2004.
+   Buffer overflow fix in RLE decompression by David Raulo in January 2008.
 */
 
 #include <stdio.h>
@@ -328,7 +329,7 @@
 						count ^= 0xFF;
 						count += 2; /* now it */
 
-						if ( !SDL_RWread( src, &color, 1, 1 ) )
+						if ( ( count > remainingbytes ) || !SDL_RWread( src, &color, 1, 1 ) )
 						{
 						   error="error reading BODY chunk";
 							goto done;
@@ -339,7 +340,7 @@
 					{
 						++count;
 
-						if ( !SDL_RWread( src, ptr, count, 1 ) )
+						if ( ( count > remainingbytes ) || !SDL_RWread( src, ptr, count, 1 ) )
 						{
 						   error="error reading BODY chunk";
 							goto done;


Index: SDL_image.spec
===================================================================
RCS file: /cvs/pkgs/rpms/SDL_image/F-7/SDL_image.spec,v
retrieving revision 1.13
retrieving revision 1.14
diff -u -r1.13 -r1.14
--- SDL_image.spec	25 Jan 2008 15:08:56 -0000	1.13
+++ SDL_image.spec	29 Jan 2008 20:20:07 -0000	1.14
@@ -1,6 +1,6 @@
 Name:		SDL_image
 Version:	1.2.5
-Release:	6%{?dist}
+Release:	7%{?dist}
 Summary:	Image loading library for SDL
 
 Group:		System Environment/Libraries
@@ -9,6 +9,7 @@
 Source0:	http://www.libsdl.org/projects/%{name}/release/%{name}-%{version}.tar.gz
 Patch0:		%{name}-1.2.5-IMG_xpm.patch
 Patch1:		%{name}-buffer-overflow.patch
+Patch2:		%{name}-IMG_lbm.patch
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 
 BuildRequires: 	SDL-devel >= 1.2.10
@@ -40,6 +41,7 @@
 %setup -q
 %patch0 -p0 -b .imgxpm
 %patch1 -p2 -b .overflow
+%patch2 -p2 -b .ilbm
 
 
 %build
@@ -86,7 +88,10 @@
 
 
 %changelog
-* Thu Jan 24 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5
+* Tue Jan 29 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-7
+- Add patch to fix ILBM image buffer overflow. (#430693)
+
+* Thu Jan 24 2008 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-6
 - Add patch to fix buffer-overflow. (#430100)
 
 * Sun Aug  5 2007 Brian Pepple <bpepple at fedoraproject.org> - 1.2.5-5

More information about the fedora-extras-commits mailing list