diff options
author | eric | 2014-12-19 03:38:02 +0000 |
---|---|---|
committer | Jakob Gahde | 2016-09-26 11:27:19 +0200 |
commit | b5dedc50e387fb8885866376a191999fc8be7376 (patch) | |
tree | d60a7e838352ca3bd58b94310764f713be4e2040 /jasper-1.900.1-fix-filename-buffer-overflow.patch | |
parent | 9081218c1b90ce6c9423a698bce35bc5726daa90 (diff) | |
download | aur-b5dedc50e387fb8885866376a191999fc8be7376.tar.gz |
upgpkg: jasper 1.900.1-12
Add CVE patches (close FS#43155)
git-svn-id: file:///srv/repos/svn-packages/svn@227774 eb2447ed-0c53-47e4-bac8-5bc4a241df78
Diffstat (limited to 'jasper-1.900.1-fix-filename-buffer-overflow.patch')
-rw-r--r-- | jasper-1.900.1-fix-filename-buffer-overflow.patch | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/jasper-1.900.1-fix-filename-buffer-overflow.patch b/jasper-1.900.1-fix-filename-buffer-overflow.patch new file mode 100644 index 000000000000..eba6cbe49a8b --- /dev/null +++ b/jasper-1.900.1-fix-filename-buffer-overflow.patch @@ -0,0 +1,37 @@ +Description: Filename buffer overflow fix + This patch fixes a security hole by a bad buffer size handling. +Author: Roland Stigge <stigge@antcom.de> +Bug-Debian: http://bugs.debian.org/645118 + +--- a/src/libjasper/include/jasper/jas_stream.h ++++ b/src/libjasper/include/jasper/jas_stream.h +@@ -77,6 +77,7 @@ + #include <jasper/jas_config.h> + + #include <stdio.h> ++#include <limits.h> + #if defined(HAVE_FCNTL_H) + #include <fcntl.h> + #endif +@@ -99,6 +100,12 @@ extern "C" { + #define O_BINARY 0 + #endif + ++#ifdef PATH_MAX ++#define JAS_PATH_MAX PATH_MAX ++#else ++#define JAS_PATH_MAX 4096 ++#endif ++ + /* + * Stream open flags. + */ +@@ -251,7 +258,7 @@ typedef struct { + typedef struct { + int fd; + int flags; +- char pathname[L_tmpnam + 1]; ++ char pathname[JAS_PATH_MAX + 1]; + } jas_stream_fileobj_t; + + #define JAS_STREAM_FILEOBJ_DELONCLOSE 0x01 |