diff options
Diffstat (limited to 'yocto-poky/meta/recipes-gnome/gdk-pixbuf')
-rw-r--r-- | yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-pixops-Be-more-careful-about-integer-overflow.patch | 89 | ||||
-rw-r--r-- | yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch | 39 | ||||
-rw-r--r-- | yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.32.3.bb (renamed from yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb) | 19 |
3 files changed, 4 insertions, 143 deletions
diff --git a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-pixops-Be-more-careful-about-integer-overflow.patch b/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-pixops-Be-more-careful-about-integer-overflow.patch deleted file mode 100644 index fe7c1d501..000000000 --- a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/0001-pixops-Be-more-careful-about-integer-overflow.patch +++ /dev/null @@ -1,89 +0,0 @@ -From ffec86ed5010c5a2be14f47b33bcf4ed3169a199 Mon Sep 17 00:00:00 2001 -From: Matthias Clasen <mclasen@redhat.com> -Date: Mon, 13 Jul 2015 00:33:40 -0400 -Subject: [PATCH] pixops: Be more careful about integer overflow - -Our loader code is supposed to handle out-of-memory and overflow -situations gracefully, reporting errors instead of aborting. But -if you load an image at a specific size, we also execute our -scaling code, which was not careful enough about overflow in some -places. - -This commit makes the scaling code silently return if it fails to -allocate filter tables. This is the best we can do, since -gdk_pixbuf_scale() is not taking a GError. - -https://bugzilla.gnome.org/show_bug.cgi?id=752297 - -Upstream-Status: backport - -Signed-off-by: Li Zhou <li.zhou@windriver.com> ---- - gdk-pixbuf/pixops/pixops.c | 22 +++++++++++++++++----- - 1 file changed, 17 insertions(+), 5 deletions(-) - -diff --git a/gdk-pixbuf/pixops/pixops.c b/gdk-pixbuf/pixops/pixops.c -index 29a1c14..ce51745 100644 ---- a/gdk-pixbuf/pixops/pixops.c -+++ b/gdk-pixbuf/pixops/pixops.c -@@ -1272,7 +1272,16 @@ make_filter_table (PixopsFilter *filter) - int i_offset, j_offset; - int n_x = filter->x.n; - int n_y = filter->y.n; -- int *weights = g_new (int, SUBSAMPLE * SUBSAMPLE * n_x * n_y); -+ gsize n_weights; -+ int *weights; -+ -+ n_weights = SUBSAMPLE * SUBSAMPLE * n_x * n_y; -+ if (n_weights / (SUBSAMPLE * SUBSAMPLE * n_x) != n_y) -+ return NULL; /* overflow, bail */ -+ -+ weights = g_try_new (int, n_weights); -+ if (!weights) -+ return NULL; /* overflow, bail */ - - for (i_offset=0; i_offset < SUBSAMPLE; i_offset++) - for (j_offset=0; j_offset < SUBSAMPLE; j_offset++) -@@ -1347,8 +1356,11 @@ pixops_process (guchar *dest_buf, - if (x_step == 0 || y_step == 0) - return; /* overflow, bail out */ - -- line_bufs = g_new (guchar *, filter->y.n); - filter_weights = make_filter_table (filter); -+ if (!filter_weights) -+ return; /* overflow, bail out */ -+ -+ line_bufs = g_new (guchar *, filter->y.n); - - check_shift = check_size ? get_check_shift (check_size) : 0; - -@@ -1468,7 +1480,7 @@ tile_make_weights (PixopsFilterDimension *dim, - double scale) - { - int n = ceil (1 / scale + 1); -- double *pixel_weights = g_new (double, SUBSAMPLE * n); -+ double *pixel_weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); - int offset; - int i; - -@@ -1526,7 +1538,7 @@ bilinear_magnify_make_weights (PixopsFilterDimension *dim, - } - - dim->n = n; -- dim->weights = g_new (double, SUBSAMPLE * n); -+ dim->weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); - - pixel_weights = dim->weights; - -@@ -1617,7 +1629,7 @@ bilinear_box_make_weights (PixopsFilterDimension *dim, - double scale) - { - int n = ceil (1/scale + 3.0); -- double *pixel_weights = g_new (double, SUBSAMPLE * n); -+ double *pixel_weights = g_malloc_n (sizeof (double) * SUBSAMPLE, n); - double w; - int offset, i; - --- -1.7.9.5 - diff --git a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch b/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch deleted file mode 100644 index d516e88ab..000000000 --- a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf/CVE-2015-7674.patch +++ /dev/null @@ -1,39 +0,0 @@ -From e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa Mon Sep 17 00:00:00 2001 -From: Benjamin Otte <otte@redhat.com> -Date: Tue, 22 Sep 2015 22:44:51 +0200 -Subject: [PATCH] pixops: Don't overflow variables when shifting them - -If we shift by 16 bits we need to be sure those 16 bits actually exist. -They do now. - -Upstream-status: Backport -https://git.gnome.org/browse/gdk-pixbuf/commit/?id=e9a5704edaa9aee9498f1fbf6e1b70fcce2e55aa - -CVE: CVE-2015-7674 -Signed-off-by: Armin Kuster <akuster@mvista.com> - ---- - gdk-pixbuf/pixops/pixops.c | 10 +++++----- - 1 file changed, 5 insertions(+), 5 deletions(-) - -Index: gdk-pixbuf-2.30.8/gdk-pixbuf/pixops/pixops.c -=================================================================== ---- gdk-pixbuf-2.30.8.orig/gdk-pixbuf/pixops/pixops.c -+++ gdk-pixbuf-2.30.8/gdk-pixbuf/pixops/pixops.c -@@ -264,11 +264,11 @@ pixops_scale_nearest (guchar *des - double scale_x, - double scale_y) - { -- int i; -- int x; -- int x_step = (1 << SCALE_SHIFT) / scale_x; -- int y_step = (1 << SCALE_SHIFT) / scale_y; -- int xmax, xstart, xstop, x_pos, y_pos; -+ gint64 i; -+ gint64 x; -+ gint64 x_step = (1 << SCALE_SHIFT) / scale_x; -+ gint64 y_step = (1 << SCALE_SHIFT) / scale_y; -+ gint64 xmax, xstart, xstop, x_pos, y_pos; - const guchar *p; - - #define INNER_LOOP(SRC_CHANNELS,DEST_CHANNELS,ASSIGN_PIXEL) \ diff --git a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb b/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.32.3.bb index dcd01b14e..ba94eecbd 100644 --- a/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.30.8.bb +++ b/yocto-poky/meta/recipes-gnome/gdk-pixbuf/gdk-pixbuf_2.32.3.bb @@ -17,14 +17,12 @@ SRC_URI = "${GNOME_MIRROR}/${BPN}/${MAJ_VER}/${BPN}-${PV}.tar.xz \ file://extending-libinstall-dependencies.patch \ file://run-ptest \ file://fatal-loader.patch \ - file://0001-pixops-Be-more-careful-about-integer-overflow.patch \ - file://CVE-2015-7674.patch \ " -SRC_URI[md5sum] = "4fed0d54432f1b69fc6e66e608bd5542" -SRC_URI[sha256sum] = "4853830616113db4435837992c0aebd94cbb993c44dc55063cee7f72a7bef8be" +SRC_URI[md5sum] = "9275076639baa24a342f3e02c402920e" +SRC_URI[sha256sum] = "2b6771f1ac72f687a8971e59810b8dc658e65e7d3086bd2e676e618fd541d031" -inherit autotools pkgconfig gettext pixbufcache ptest-gnome +inherit autotools pkgconfig gettext pixbufcache ptest-gnome upstream-version-is-even gobject-introspection LIBV = "2.10.0" @@ -43,15 +41,12 @@ PACKAGECONFIG[jpeg2000] = "--with-libjasper,--without-libjasper,jasper" PACKAGECONFIG[gio-sniff] = "--enable-gio-sniffing,--disable-gio-sniffing,,shared-mime-info" PACKAGECONFIG[x11] = "--with-x11,--without-x11,virtual/libx11" -EXTRA_OECONF = "--disable-introspection" - PACKAGES =+ "${PN}-xlib" FILES_${PN}-xlib = "${libdir}/*pixbuf_xlib*${SOLIBS}" ALLOW_EMPTY_${PN}-xlib = "1" -FILES_${PN} = "${libdir}/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders \ - ${libdir}/lib*.so.*" +FILES_${PN} += "${libdir}/gdk-pixbuf-2.0/gdk-pixbuf-query-loaders" FILES_${PN}-dev += " \ ${bindir}/gdk-pixbuf-csource \ @@ -60,12 +55,6 @@ FILES_${PN}-dev += " \ ${libdir}/gdk-pixbuf-2.0/${LIBV}/loaders/*.la \ " -FILES_${PN}-dbg += " \ - ${libdir}/.debug/* \ - ${libdir}/gdk-pixbuf-2.0/.debug/* \ - ${libdir}/gdk-pixbuf-2.0/${LIBV}/loaders/.debug/* \ -" - PACKAGES_DYNAMIC += "^gdk-pixbuf-loader-.*" PACKAGES_DYNAMIC_class-native = "" |